IE hangs and when I go to Task Manager to end it, I see an extra iexplore.exe process


  • This topic is locked
16 replies to this topic

#1 blah321456

Posted 15 January 2012 - 06:40 PM

Original Post:
http://www.bleepingcomputer.com/forums/topic437955.html/page__p__2553084#entry2553084

DDS log:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Me at 13:13:15 on 2012-01-15
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.874 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe
C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
svchost.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uWindow Title = Windows Internet Explorer provided by Qwest
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwag.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\amsp\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll
BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - c:\program files\trend micro\titanium\uiframework\ToolbarIE.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwag.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - c:\program files\common files\freecause\dca\dca-bho.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - c:\program files\trend micro\amsp\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
BHO: Shop to Win 16: {d2d09fe0-f451-45f7-a617-fabf9130c4d6} - c:\program files\shop to win 16\Shop to Win 16.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - c:\program files\trend micro\titanium\uiframework\ToolbarIE.dll
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwag.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Gadwin PrintScreen] c:\program files\gadwin systems\printscreen\PrintScreen.exe /nosplash
uRun: [Google Update] "c:\documents and settings\me\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
mRun: [CreateCD_Reminder] c:\windows\sonysys\vaio recovery\reminder.exe
mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [VAIO Update 2] "c:\program files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
mRun: [Omnipage] c:\program files\scansoft\omnipagese\opware32.exe
mRun: [Qwest Personal Digital Vault] "c:\program files\qwest personal digital vault\QwestPersonalDigitalVault.exe" /m
mRun: [QuickCare] c:\program files\qwest\quickcare\bin\sprtcmd.exe /P QuickCare
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
mRun: [Trend Micro Titanium] "c:\program files\trend micro\titanium\uiframework\uiWinMgr.exe" -set Silent "1" SplashURL ""
mRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel PhotoDownloader.exe" -startup
mRun: [Corel File Shell Monitor] c:\program files\corel\corel paint shop pro photo x2\CorelIOMonitor.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{F05C5A19-4112-45BC-A275-7C67E61F7FC6} : DhcpNameServer = 192.168.0.1 205.171.3.25
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:\program files\trend micro\amsp\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - c:\program files\trend micro\titanium\uiframework\ToolbarIE.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - c:\program files\trend micro\titanium\uiframework\ProToolbarIMRatingActiveX.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\me\application data\mozilla\firefox\profiles\3ifckl17.default\
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
.
============= SERVICES / DRIVERS ===============
.
R1 tmeext;tmeext;c:\windows\system32\drivers\tmeext.sys [2011-9-4 84752]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2011-9-4 68368]
R2 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2010-11-7 401920]
R2 Amsp;Trend Micro Solution Platform;c:\program files\trend micro\amsp\coreServiceShell.exe [2011-9-4 200632]
R2 sprtlisten;SupportSoft Listener Service;c:\program files\common files\supportsoft\bin\sprtlisten.exe [2008-1-8 1213728]
R2 sprtsvc_quickcare;SupportSoft Sprocket Service (quickcare);c:\program files\qwest\quickcare\bin\sprtsvc.exe [2010-11-5 206120]
R2 tgsrvc_quickcare;SupportSoft Repair Service (quickcare);c:\program files\qwest\quickcare\bin\tgsrvc.exe [2010-11-5 185640]
R3 tmnciesc;tmnciesc;c:\windows\system32\drivers\tmnciesc.sys [2011-9-4 171280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-9-1 14336]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2007-12-26 272128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
UnknownUnknown LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2012-01-15 08:23:00 -------- d-----w- c:\documents and settings\me\local settings\application data\APN
2012-01-15 08:22:48 -------- d-----w- c:\program files\FrostWire 5
2012-01-15 02:48:37 -------- d-----w- c:\program files\iPod
2012-01-15 02:48:35 -------- d-----w- c:\program files\iTunes
2012-01-15 02:45:13 -------- d-----w- c:\program files\Bonjour
2012-01-12 01:26:54 -------- d-----w- c:\documents and settings\me\application data\GetRightToGo
2012-01-12 00:15:42 -------- d-----w- c:\program files\Seagate
2012-01-11 03:03:32 -------- d-----w- C:\UBCD4Win
2012-01-10 20:00:45 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2012-01-10 04:49:10 -------- d-----w- c:\program files\EASEUS
2012-01-10 02:31:33 -------- d-----w- c:\program files\Convar
2011-12-21 19:02:48 292240 ----a-r- c:\windows\system32\cpnprtuk.cid
2011-12-19 14:17:57 466944 ----a-w- c:\program files\mozilla firefox\plugins\NPcol400.dll
.
==================== Find3M ====================
.
2012-01-03 14:42:39 952 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-12-20 05:21:16 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2011-12-20 05:21:16 52096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2011-12-20 05:21:14 87424 ----a-w- c:\windows\system32\LMIinit.dll
2011-12-20 05:21:14 30592 ----a-w- c:\windows\system32\LMIport.dll
2011-12-05 14:21:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-24 20:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 20:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll
.
============= FINISH: 13:14:37.93 ===============


#2 CatByte

  • Malware Response Team

Posted 19 January 2012 - 09:08 AM

Hi,

Please do the following:

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

  • Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 blah321456

Posted 19 January 2012 - 12:01 PM

Just an FYI: when I started the log I disabled the virus protection I have on the computer (Trend Micro), but it said that AVG Antivirus Free Edition 2011 was enabled. I tried to find it and could not. I even checked Add/Remove Programs.

Here is the log:
ComboFix 12-01-19.01 - Me 01/19/2012 10:40:01.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.870 [GMT -6:00]
Running from: c:\documents and settings\Me\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Me\Application Data\PriceGong
c:\documents and settings\Me\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Me\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Me\My Documents\~WRL3167.tmp
c:\documents and settings\Me\swejzmvytr.tmp
c:\program files\Internet Explorer\SETA7.tmp
c:\program files\Internet Explorer\SETA8.tmp
c:\program files\Object
c:\program files\Object\config.ini
c:\program files\Object\enable.txt
c:\program files\Object\status.txt
c:\program files\Object\status2.txt
c:\windows\kb835221.exe
c:\windows\setup.exe
c:\windows\system32\REN7C.tmp
c:\windows\system32\SET41.tmp
c:\windows\system32\SET42.tmp
c:\windows\system32\SET43.tmp
c:\windows\system32\SET55.tmp
c:\windows\system32\SET5D.tmp
c:\windows\system32\SET60E.tmp
c:\windows\system32\SET60F.tmp
c:\windows\system32\SET613.tmp
c:\windows\system32\SET61C.tmp
c:\windows\system32\SET62.tmp
c:\windows\system32\SET97.tmp
c:\windows\system32\SET98.tmp
c:\windows\system32\SET9C.tmp
c:\windows\system32\SET9D.tmp
c:\windows\system32\SET9E.tmp
c:\windows\system32\SETA2.tmp
c:\windows\system32\SETA3.tmp
c:\windows\system32\SETA4.tmp
c:\windows\windows-kb870669-x86-enu.exe
c:\windows\windowsxp-kb884018-x86-enu.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-19 to 2012-01-19 )))))))))))))))))))))))))))))))
.
.
2012-01-15 08:23 . 2012-01-15 08:23 -------- d-----w- c:\documents and settings\Me\Local Settings\Application Data\APN
2012-01-15 08:22 . 2012-01-15 08:23 -------- d-----w- c:\program files\FrostWire 5
2012-01-15 02:48 . 2012-01-15 02:48 -------- d-----w- c:\program files\iPod
2012-01-15 02:48 . 2012-01-15 02:49 -------- d-----w- c:\program files\iTunes
2012-01-15 02:45 . 2012-01-15 02:45 -------- d-----w- c:\program files\Bonjour
2012-01-12 01:26 . 2012-01-12 01:28 -------- d-----w- c:\documents and settings\Me\Application Data\GetRightToGo
2012-01-12 00:15 . 2012-01-12 00:15 -------- d-----w- c:\program files\Seagate
2012-01-11 03:03 . 2012-01-11 14:03 -------- d-----w- C:\UBCD4Win
2012-01-10 20:00 . 1998-06-18 06:00 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2012-01-10 04:49 . 2012-01-10 04:49 -------- d-----w- c:\program files\EASEUS
2012-01-10 02:31 . 2012-01-11 14:09 -------- d-----w- c:\program files\Convar
2011-12-21 19:02 . 2011-12-21 19:02 292240 ----a-r- c:\windows\system32\cpnprtuk.cid
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-05 14:21 . 2011-10-04 01:14 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-25 21:57 . 2004-09-02 01:29 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2004-09-02 01:29 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35 . 2004-09-02 01:29 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2004-09-02 01:29 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2004-09-02 01:29 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-04 19:20 . 2004-09-02 01:29 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-09-02 01:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-09-02 01:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-09-02 01:29 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28 . 2004-09-02 01:29 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28 . 2004-09-02 01:29 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2004-09-02 01:29 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-09-02 01:29 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2004-08-03 23:18 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 22:59 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-24 20:29 . 2011-10-24 20:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 20:29 . 2011-10-24 20:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-11-05 06:53 . 2011-11-11 19:20 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files\Swag_Bucks\prxtbSwa0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
2011-05-09 09:49 176936 ----a-w- c:\program files\Swag_Bucks\prxtbSwa0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files\Swag_Bucks\prxtbSwa0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94}"= "c:\program files\Swag_Bucks\prxtbSwa0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2011-05-03 487424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-07-01 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-07-01 118784]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [2004-03-17 61952]
"CreateCD_Reminder"="c:\windows\Sonysys\VAIO Recovery\reminder.exe" [2004-07-16 53248]
"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]
"SoundMan"="SOUNDMAN.EXE" [2004-08-24 77824]
"AlcWzrd"="ALCWZRD.EXE" [2004-08-24 2552320]
"VAIO Update 2"="c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2004-01-17 135168]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
"Qwest Personal Digital Vault"="c:\program files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe" [2009-12-18 1064808]
"QuickCare"="c:\program files\Qwest\Quickcare\bin\sprtcmd.exe" [2010-01-16 206120]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-15 623992]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-09-04 129304]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-05 1300672]
"Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2007-10-31 16200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
.
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= c:\documents and settings\Me\My Documents\My Pictures\Raelyn\December 2010\raelyn & santa2 2010.JPG
FriendlyName=
.
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
Source= c:\documents and settings\Me\My Documents\My Pictures\cimg2442-3.jpg
FriendlyName=
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Planner Reminder.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Event Planner Reminder.lnk
backup=c:\windows\pss\Event Planner Reminder.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Reminder.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Event Reminder.lnk
backup=c:\windows\pss\Event Reminder.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-10-15 03:38 623992 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmazonGSDownloaderTray]
2009-10-23 18:31 326144 ----a-w- c:\program files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 20:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Qwest\\QuickConnect\\QuickConnect.exe"=
"c:\\Program Files\\FrostWire 5\\FrostWire.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\FrostWire\\App\\frostwire\\FrostWire.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 tmeext;tmeext;c:\windows\system32\drivers\tmeext.sys [9/4/2011 10:03 AM 84752]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [9/4/2011 10:03 AM 68368]
R2 Amazon Download Agent;Amazon Download Agent;c:\program files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [11/7/2010 7:04 PM 401920]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe [9/4/2011 10:01 AM 200632]
R2 sprtlisten;SupportSoft Listener Service;c:\program files\Common Files\SupportSoft\bin\sprtlisten.exe [1/8/2008 11:02 AM 1213728]
R2 sprtsvc_quickcare;SupportSoft Sprocket Service (quickcare);c:\program files\Qwest\Quickcare\bin\sprtsvc.exe [11/5/2010 11:09 AM 206120]
R2 tgsrvc_quickcare;SupportSoft Repair Service (quickcare);c:\program files\Qwest\Quickcare\bin\tgsrvc.exe [11/5/2010 11:09 AM 185640]
R3 tmnciesc;tmnciesc;c:\windows\system32\drivers\tmnciesc.sys [9/4/2011 10:03 AM 171280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [9/1/2004 7:29 PM 14336]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [12/26/2007 1:47 AM 272128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4244992957-3027790120-1788230467-1006Core.job
- c:\documents and settings\Me\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-06 04:28]
.
2012-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4244992957-3027790120-1788230467-1006UA.job
- c:\documents and settings\Me\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-06 04:28]
.
2010-11-04 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-09-02 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
FF - ProfilePath - c:\documents and settings\Me\Application Data\Mozilla\Firefox\Profiles\3ifckl17.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-Corel Photo Downloader - c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe
MSConfigStartUp-AVG_TRAY - c:\program files\AVG\AVG10\avgtray.exe
AddRemove-CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030030 - c:\program files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030030\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_20030030
AddRemove-Marine Aquarium 2, Sharks & Carousel Bundle - c:\program files\Prolific Publishing
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-19 10:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-01-19 10:57:15
ComboFix-quarantined-files.txt 2012-01-19 16:56
.
Pre-Run: 137,628,839,936 bytes free
Post-Run: 137,683,181,568 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 8E32C77B39A4BA85030A17664D656738

#4 CatByte

  • Malware Response Team

Posted 19 January 2012 - 07:58 PM

Hi

Please do the following:

Please download Malwarebytes' Anti-Malware
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



NEXT


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE, name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 blah321456

  • Topic Starter

  • Members

Posted 20 January 2012 - 12:58 AM

Malwarebytes log:
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.19.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Me :: DEIDRE [administrator]

1/19/2012 8:36:03 PM
mbam-log-2012-01-19 (20-36-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 186170
Time elapsed: 11 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


ESET log:
C:\Documents and Settings\Me\Desktop\New Folder\UBCD4WinV360.exe Win32/PrcView application deleted - quarantined
C:\System Volume Information\_restore{159753DE-EE53-486D-B525-FCDDC8F0A2EB}\RP180\A0028093.exe Win32/OpenCandy application deleted - quarantined
C:\System Volume Information\_restore{159753DE-EE53-486D-B525-FCDDC8F0A2EB}\RP205\A0032444.exe Win32/PrcView application deleted - quarantined
C:\System Volume Information\_restore{159753DE-EE53-486D-B525-FCDDC8F0A2EB}\RP214\A0036024.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\System Volume Information\_restore{159753DE-EE53-486D-B525-FCDDC8F0A2EB}\RP217\A0036956.exe Win32/PrcView application deleted - quarantined
C:\UBCD4Win\BartPE\PROGRAMS\sdfix\SDFix.exe Win32/PrcView application deleted - quarantined

#6 CatByte

  • Malware Response Team

Posted 20 January 2012 - 04:38 PM

Hi

Please do the following:

Your Java is out of date.
Java™ 6 Update 29 can be updated from the Java control panel: Start > Control Panel (Classic View) > Java (looks like a coffee cup) > Update Tab > Update Now.
An update should begin; follow the prompts.


Clear Java cache

Go into the Control Panel and double-click the Java icon (looks like a coffee cup). If you do not see the icon, look to your left and click 'Switch to Classic View'.
  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are two options in the window to clear the cache - Leave BOTH Checked
    • Applications and Applets
    • Trace and Log Files
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.


NEXT

Please post a fresh DDS Log and advise how the computer is running now and if there are any outstanding issues.



#7 blah321456

  • Topic Starter

  • Members

Posted 22 January 2012 - 03:56 PM

Did the Java stuff and here are the DDS logs. The computer is still hanging on IE, and also when I go to Task Manager I see multiple sessions of IE open even though I only have 1 session open. I have attached a print screen that I took right as I posted this, and as you can see I only have this window open and the logs, nothing else besides the Task Manager.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_30
Run by Me at 14:43:47 on 2012-01-22
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.790 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe
C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
svchost.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
uURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwa0.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\amsp\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll
BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - c:\program files\trend micro\titanium\uiframework\ToolbarIE.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwa0.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - c:\program files\common files\freecause\dca\dca-bho.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - c:\program files\trend micro\amsp\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - c:\program files\trend micro\titanium\uiframework\ToolbarIE.dll
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwa0.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [Gadwin PrintScreen] c:\program files\gadwin systems\printscreen\PrintScreen.exe /nosplash
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
mRun: [CreateCD_Reminder] c:\windows\sonysys\vaio recovery\reminder.exe
mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [VAIO Update 2] "c:\program files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
mRun: [Omnipage] c:\program files\scansoft\omnipagese\opware32.exe
mRun: [Qwest Personal Digital Vault] "c:\program files\qwest personal digital vault\QwestPersonalDigitalVault.exe" /m
mRun: [QuickCare] c:\program files\qwest\quickcare\bin\sprtcmd.exe /P QuickCare
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [Trend Micro Client Framework] "c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe"
mRun: [Trend Micro Titanium] "c:\program files\trend micro\titanium\uiframework\uiWinMgr.exe" -set Silent "1" SplashURL ""
mRun: [Corel File Shell Monitor] c:\program files\corel\corel paint shop pro photo x2\CorelIOMonitor.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{F05C5A19-4112-45BC-A275-7C67E61F7FC6} : DhcpNameServer = 192.168.0.1 205.171.3.25
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - c:\program files\trend micro\amsp\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\amsp\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - c:\program files\trend micro\titanium\uiframework\ToolbarIE.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - c:\program files\trend micro\titanium\uiframework\ProToolbarIMRatingActiveX.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\me\application data\mozilla\firefox\profiles\3ifckl17.default\
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
.
============= SERVICES / DRIVERS ===============
.
R1 tmeext;tmeext;c:\windows\system32\drivers\tmeext.sys [2011-9-4 84752]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2011-9-4 68368]
R2 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2010-11-7 401920]
R2 Amsp;Trend Micro Solution Platform;c:\program files\trend micro\amsp\coreServiceShell.exe [2011-9-4 200632]
R2 sprtlisten;SupportSoft Listener Service;c:\program files\common files\supportsoft\bin\sprtlisten.exe [2008-1-8 1213728]
R2 sprtsvc_quickcare;SupportSoft Sprocket Service (quickcare);c:\program files\qwest\quickcare\bin\sprtsvc.exe [2010-11-5 206120]
R2 tgsrvc_quickcare;SupportSoft Repair Service (quickcare);c:\program files\qwest\quickcare\bin\tgsrvc.exe [2010-11-5 185640]
R3 tmnciesc;tmnciesc;c:\windows\system32\drivers\tmnciesc.sys [2011-9-4 171280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-9-1 14336]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2007-12-26 272128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-01-20 03:11:26 -------- d-----w- c:\program files\ESET
2012-01-20 02:34:19 -------- d-----w- c:\documents and settings\me\application data\Malwarebytes
2012-01-20 02:34:02 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-01-20 02:34:00 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-20 02:34:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-19 16:36:24 -------- d-sha-r- C:\cmdcons
2012-01-19 16:34:00 98816 ----a-w- c:\windows\sed.exe
2012-01-19 16:34:00 518144 ----a-w- c:\windows\SWREG.exe
2012-01-19 16:34:00 256000 ----a-w- c:\windows\PEV.exe
2012-01-19 16:34:00 208896 ----a-w- c:\windows\MBR.exe
2012-01-15 08:23:00 -------- d-----w- c:\documents and settings\me\local settings\application data\APN
2012-01-15 08:22:48 -------- d-----w- c:\program files\FrostWire 5
2012-01-15 02:48:37 -------- d-----w- c:\program files\iPod
2012-01-15 02:48:35 -------- d-----w- c:\program files\iTunes
2012-01-15 02:45:13 -------- d-----w- c:\program files\Bonjour
2012-01-12 01:26:54 -------- d-----w- c:\documents and settings\me\application data\GetRightToGo
2012-01-12 00:15:42 -------- d-----w- c:\program files\Seagate
2012-01-11 03:03:32 -------- d-----w- C:\UBCD4Win
2012-01-10 20:00:45 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2012-01-10 04:49:10 -------- d-----w- c:\program files\EASEUS
2012-01-10 02:31:33 -------- d-----w- c:\program files\Convar
.
==================== Find3M ====================
.
2012-01-17 06:39:42 952 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-12-21 19:02:48 292240 ----a-r- c:\windows\system32\cpnprtuk.cid
2011-12-05 14:21:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-10 11:54:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-10 09:27:10 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 14:47:15.15 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 11/3/2010 10:57:47 PM
System Uptime: 1/20/2012 11:45:27 PM (39 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | PTGD2-VX
Processor: Intel® Pentium® 4 CPU 3.00GHz | CPU 1 | 2992/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 180 GiB total, 127.966 GiB free.
D: is FIXED (NTFS) - 106 GiB total, 40.584 GiB free.
E: is FIXED (NTFS) - 6 GiB total, 0.885 GiB free.
F: is CDROM ()
G: is CDROM ()
H: is Removable
I: is Removable
J: is Removable
K: is Removable
L: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP173: 10/24/2011 12:44:35 AM - Software Distribution Service 3.0
RP174: 10/30/2011 2:36:20 PM - System Checkpoint
RP175: 11/1/2011 11:39:44 AM - System Checkpoint
RP176: 11/11/2011 9:34:50 AM - System Checkpoint
RP177: 11/14/2011 4:13:28 PM - System Checkpoint
RP178: 11/17/2011 10:05:34 AM - System Checkpoint
RP179: 11/22/2011 6:19:54 PM - Software Distribution Service 3.0
RP180: 11/23/2011 7:47:05 PM - System Checkpoint
RP181: 11/28/2011 11:22:43 AM - System Checkpoint
RP182: 12/1/2011 12:00:55 AM - System Checkpoint
RP183: 12/2/2011 12:10:30 AM - System Checkpoint
RP184: 12/5/2011 9:50:34 PM - Installed Java™ 6 Update 29
RP185: 12/6/2011 11:24:40 PM - Installed Windows Media Player 11
RP186: 12/6/2011 11:25:45 PM - Software Distribution Service 3.0
RP187: 12/6/2011 11:37:49 PM - Installed iTunes
RP188: 12/8/2011 1:09:44 AM - System Checkpoint
RP189: 12/11/2011 11:57:57 AM - System Checkpoint
RP190: 12/12/2011 3:35:52 PM - System Checkpoint
RP191: 12/13/2011 3:52:01 PM - System Checkpoint
RP192: 12/15/2011 1:45:09 AM - Software Distribution Service 3.0
RP193: 12/16/2011 10:54:45 PM - System Checkpoint
RP194: 12/18/2011 4:10:44 PM - System Checkpoint
RP195: 12/19/2011 4:41:27 PM - System Checkpoint
RP196: 12/27/2011 2:26:25 PM - System Checkpoint
RP197: 12/27/2011 6:48:40 PM - Printer Driver LogMeIn Printer Driver Installed
RP198: 12/28/2011 8:41:52 PM - System Checkpoint
RP199: 12/30/2011 4:23:08 PM - System Checkpoint
RP200: 1/3/2012 10:04:55 PM - Software Distribution Service 3.0
RP201: 1/8/2012 8:35:09 PM - System Checkpoint
RP202: 1/9/2012 9:08:39 PM - System Checkpoint
RP203: 1/10/2012 2:00:44 PM - Installed PC Inspector smart recovery
RP204: 1/11/2012 7:55:15 AM - Removed Bonjour
RP205: 1/11/2012 8:01:26 AM - Removed PC Inspector smart recovery
RP206: 1/11/2012 6:15:41 PM - Installed SeaTools for Windows
RP207: 1/11/2012 7:28:45 PM - Installed Extension Renamer
RP208: 1/12/2012 9:36:02 PM - System Checkpoint
RP209: 1/13/2012 8:23:59 PM - Software Distribution Service 3.0
RP210: 1/15/2012 11:53:30 AM - Removed Ask Toolbar.
RP211: 1/15/2012 11:55:09 AM - Removed Extension Renamer
RP212: 1/15/2012 11:55:56 AM - Removed LogMeIn
RP213: 1/15/2012 11:57:37 AM - Removed SeaTools for Windows
RP214: 1/15/2012 12:00:09 PM - TITANUIMRES5[0x10001101]
RP215: 1/16/2012 12:51:48 PM - System Checkpoint
RP216: 1/17/2012 3:59:11 PM - System Checkpoint
RP217: 1/18/2012 9:05:03 PM - System Checkpoint
RP218: 1/22/2012 2:33:53 PM - Installed Java™ 6 Update 30
.
==== Installed Programs ======================
.
Actiontec Gateway
Adobe Acrobat 8 Standard - English, Français, Deutsch
Adobe Acrobat 8.1.4 Standard
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Shockwave Player 11.5
Amazon Games & Software Downloader
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoBase 3
ArcSoft PhotoImpression
ArcSoft PhotoStudio 5
Bonjour
Canon CanoScan Toolbox 4.1
Canon i960
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PhotoPrint Plus
Canon Utilities PhotoStitch 3.1
Canon Utilities ZoomBrowser EX
CanoScan LiDE20,30 Manual
Choice Guard
Corel Paint Shop Pro Photo X2
Coupon Printer for Windows
DVD Decrypter (Remove Only)
DVD Shrink 3.2
EASEUS Data Recovery Wizard Free Edition 5.5.1
Easy-WebPrint
ESET Online Scanner v3
FrostWire 5.2.11
Gadwin PrintScreen
Google Chrome
Hallmark Card Studio 2006 Deluxe
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
ImgBurn
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Adapters and Drivers
iTunes
Java Auto Updater
Java™ 6 Update 30
Malwarebytes Anti-Malware version 1.60.0.1800
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Web Publishing Wizard 1.52
Microsoft Zoo Tycoon
Mozilla Firefox 8.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OmniPage SE
OpenMG Limited Patch 4.0-04-07-14-01
OpenMG Secure Module 4.0.00
PhotoStitch
Picasa 3
PrintMaster
PrintMaster® Nick Jr. Edition
QuickConnect
QuickTime
Qwest Personal Digital Vault™
Qwest QuickAssist Desktop Tools
Qwest Quickcare 2.7
Realtek High Definition Audio Driver
RipIt4Me
Roll
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Segoe UI
Serif PagePlus Essentials
Shockwave
Sony Certificate PCH
Sony MPEG2-TS Splitter 1.0
Sony Video Shared Library
Swag Bucks Toolbar
Trend Micro Titanium
Trend Micro Titanium Maximum Security 2012
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VAIO Help and Support
VAIO System Information
VAIO Update 2
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Essentials
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
1/18/2012 6:31:10 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
1/15/2012 11:54:01 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
1/15/2012 1:57:26 AM, error: HTTP [15005] - Unable to bind to the underlying transport for 0.0.0.0:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
.
==== End Of File ===========================

#8 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:12 AM

Posted 22 January 2012 - 07:42 PM

Hi,

Please do the following:

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 blah321456

blah321456
  • Topic Starter

  • Members
  • 11 posts
  • Local time:06:12 AM

Posted 22 January 2012 - 08:04 PM

It said it found no threats, but here is the log:

18:55:57.0578 4944 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
18:55:58.0062 4944 ============================================================
18:55:58.0062 4944 Current date / time: 2012/01/22 18:55:58.0062
18:55:58.0062 4944 SystemInfo:
18:55:58.0062 4944
18:55:58.0062 4944 OS Version: 5.1.2600 ServicePack: 3.0
18:55:58.0062 4944 Product type: Workstation
18:55:58.0062 4944 ComputerName: DEIDRE
18:55:58.0062 4944 UserName: Me
18:55:58.0062 4944 Windows directory: C:\WINDOWS
18:55:58.0062 4944 System windows directory: C:\WINDOWS
18:55:58.0062 4944 Processor architecture: Intel x86
18:55:58.0062 4944 Number of processors: 2
18:55:58.0062 4944 Page size: 0x1000
18:55:58.0062 4944 Boot type: Normal boot
18:55:58.0062 4944 ============================================================
18:56:01.0093 4944 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:56:01.0125 4944 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:56:01.0406 4944 Initialize success
18:56:07.0687 3812 ============================================================
18:56:07.0687 3812 Scan started
18:56:07.0687 3812 Mode: Manual;
18:56:07.0687 3812 ============================================================
18:56:16.0140 3812 ============================================================
18:56:16.0140 3812 Scan finished
18:56:16.0140 3812 ============================================================
18:56:16.0156 5740 Detected object count: 0
18:56:16.0156 5740 Actual detected object count: 0
18:56:44.0531 4608 ============================================================
18:56:44.0531 4608 Scan started
18:56:44.0531 4608 Mode: Manual;
18:56:44.0531 4608 ============================================================
18:56:53.0000 4608 ============================================================
18:56:53.0000 4608 Scan finished
18:56:53.0000 4608 ============================================================
18:56:53.0000 3488 Detected object count: 0
18:56:53.0000 3488 Actual detected object count: 0
18:56:55.0765 3464 Deinitialize success

#10 CatByte

Posted 22 January 2012 - 08:22 PM

Please reset IE back to default:

1. Open Internet Explorer.
2. Click Tools from the Command Bar and select Internet Options.
3. Select the Advanced tab.
4. Go to the Reset Internet Explorer settings section and click the Reset button.

5. You will then see a window that outlines the impact of resetting IE8. A basic reset will disable toolbars and add-ons, and reset default web browser settings, advanced options, tabbed browsing settings, privacy settings, pop-up settings and security settings.
If you check the Delete personal settings checkbox, it will reset the home page(s), search providers and Accelerators to their default values. It will also delete the temp internet files, history, cookies, passwords and InPrivate Blocking data.

When you have it set to reset the desired information, click the Reset button.

Restart Internet Explorer.


NEXT



Temp File Cleaner

Download TFC to your desktop
Mirror
  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish its job
  • Once it's finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean


NEXT

  • Open My Computer.
  • Right-click the local disk volume that you want to defragment (usually your C:\ drive) > then click Properties.
  • On the Tools tab > click Defragment Now.
  • Click Defragment.


NEXT



Please advise if there are any outstanding issues

#11 blah321456

Posted 24 January 2012 - 06:05 PM

Still hanging with IE and sounds like the computer is going to take off.

#12 CatByte

Posted 24 January 2012 - 07:47 PM

Is it just IE or does the computer hang with FireFox too?

Nothing else is showing in the logs, but let's have another look with a different ARK


  • Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click Scan

  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

#13 blah321456

Posted 25 January 2012 - 03:42 PM

Do you think if I upgrade to IE9 that it will help??

Here is the log:

aswMBR version 0.9.9.1509 Copyright© 2011 AVAST Software
Run date: 2012-01-25 14:07:24
-----------------------------
14:07:24.484 OS Version: Windows 5.1.2600 Service Pack 3
14:07:24.484 Number of processors: 2 586 0x304
14:07:24.484 ComputerName: DEIDRE UserName: Me
14:07:26.062 Initialize success
14:09:53.953 AVAST engine defs: 12012500
14:16:34.562 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
14:16:34.562 Disk 0 Vendor: WDC_WD2000JD-98HBB0 08.02D08 Size: 190782MB BusType: 3
14:16:34.562 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-22
14:16:34.562 Disk 1 Vendor: ST3120213AS 3.AHL Size: 114473MB BusType: 3
14:16:34.578 Disk 0 MBR read successfully
14:16:34.593 Disk 0 MBR scan
14:16:34.640 Disk 0 unknown MBR code
14:16:34.640 Disk 0 Partition 1 00 12 Compaq diag NTFS 6149 MB offset 63
14:16:34.656 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 184629 MB offset 12594960
14:16:34.656 Disk 0 scanning sectors +390716865
14:16:34.765 Disk 0 scanning C:\WINDOWS\system32\drivers
14:16:47.890 Service scanning
14:16:49.187 Modules scanning
14:16:53.531 Disk 0 trace - called modules:
14:16:53.562 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
14:16:53.562 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a356ab8]
14:16:53.562 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x8a347d98]
14:16:54.250 AVAST engine scan C:\WINDOWS
14:17:07.203 AVAST engine scan C:\WINDOWS\system32
14:19:13.796 AVAST engine scan C:\WINDOWS\system32\drivers
14:19:33.140 AVAST engine scan C:\Documents and Settings\Me
14:33:13.500 AVAST engine scan C:\Documents and Settings\All Users
14:34:07.421 Scan finished successfully
14:37:25.812 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Me\Desktop\MBR.dat"
14:37:25.812 The log file has been saved successfully to "C:\Documents and Settings\Me\Desktop\aswMBR.txt"

#14 CatByte

Posted 25 January 2012 - 08:58 PM

Give upgrading a try; you can always roll back if it makes no difference.

The aswMBR log looks clean.

Let me know if you are still having issues.

#15 blah321456

Posted 26 January 2012 - 10:29 AM

Windows XP doesn't allow IE 9 to be installed.. :( I guess I just deal with it.. I don't know what else to do...

Thanks for your time!



