Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No Google, No Bing - using www.dogpile.com


  • This topic is locked This topic is locked
14 replies to this topic

#1 PlanetPluto

PlanetPluto

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Carolina, USA
  • Local time:12:34 PM

Posted 06 April 2012 - 10:54 AM

Several weeks ago, my internet stopped allowing access to Google and to Bing. Called techies for help - uh, no help. Found my own workaround - started using www.dogpile.com as my search engine. It's been a great little search engine. But, I NEED access to Bing and Google. All logical steps taken...several anti-virus/anti-spyware tried...nothing works.

Searched the internet - found other users with similar problem. One user referenced your site and the brilliant minds that help out here. User had run Combofix; and then, Bing and Google started working - like magic. Unfortunately, magic does not work for me. Ran Combofix need help interpreting the log file.

Any brilliant minds able to help a clueless pc user interpret? PLEASE. Log file below.....


ComboFix 12-04-06.02 - LSnelling 04/06/2012 10:54:08.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1107 [GMT -4:00]
Running from: c:\documents and settings\LSnelling\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: PC Cleaners *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\AVG\avi7.avg
c:\documents and settings\All Users\Application Data\TEMP\AVG\crt_x64.msi
c:\documents and settings\All Users\Application Data\TEMP\AVG\files.dat
c:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\microavi.avg
c:\documents and settings\All Users\Application Data\TEMP\AVG\miniavi.avg
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.dat
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupcz.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupda.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupfr.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupge.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuphu.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupid.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupin.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupit.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupjp.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupko.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupms.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupnl.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppb.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppl.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppt.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupru.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsc.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsk.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsp.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setuptr.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupus.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupzh.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\setupzt.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\trialkey.dat
c:\documents and settings\All Users\Application Data\TEMP\AVG\vcredis1.cab
c:\documents and settings\All Users\Application Data\TEMP\AVG\vcredist.msi
c:\windows\ST6UNST.000
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\58cc8a20029766b3.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\TEMP\GoogleToolbarInstaller_updater_signed.exe1525f89f
.
.
((((((((((((((((((((((((( Files Created from 2012-03-06 to 2012-04-06 )))))))))))))))))))))))))))))))
.
.
2012-04-06 13:08 . 2012-04-06 13:08 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DB78C8A8-47A4-4057-BAF0-422903FE2382}\offreg.dll
2012-04-06 07:25 . 2012-03-14 02:15 6582328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DB78C8A8-47A4-4057-BAF0-422903FE2382}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-14 02:15 . 2011-11-24 00:15 6582328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-17 18:41 . 2008-04-02 05:30 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-17 18:41 . 2008-04-02 05:30 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-02-03 09:22 . 2004-08-11 22:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2011-11-23 15:15 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-24 21:02 . 2012-01-24 21:02 62736 ----a-r- c:\documents and settings\LSnelling\Application Data\Microsoft\Installer\{CDD4495B-0424-42F0-8D89-70D47E21BD69}\PullClientStartSho_CD6A27034E724245941D2EB3A8CF0DD5.exe
2012-01-24 21:02 . 2012-01-24 21:02 62736 ----a-r- c:\documents and settings\LSnelling\Application Data\Microsoft\Installer\{CDD4495B-0424-42F0-8D89-70D47E21BD69}\ParticipantStartSh_DF0BA5751BF84E0AABDD4B6DA83B3B0C.exe
2012-01-24 21:02 . 2012-01-24 21:02 62736 ----a-r- c:\documents and settings\LSnelling\Application Data\Microsoft\Installer\{CDD4495B-0424-42F0-8D89-70D47E21BD69}\NewShortcut11_0A40599CA5B444D89111273D573729A6.exe
2012-01-24 21:02 . 2012-01-24 21:02 62736 ----a-r- c:\documents and settings\LSnelling\Application Data\Microsoft\Installer\{CDD4495B-0424-42F0-8D89-70D47E21BD69}\MyATTStartShortcut_37B266125E564D7BBC298658403757C7.exe
2012-01-24 21:02 . 2012-01-24 21:02 46352 ----a-r- c:\documents and settings\LSnelling\Application Data\Microsoft\Installer\{CDD4495B-0424-42F0-8D89-70D47E21BD69}\ParticipantHelpSta_AFE5E24C07B1432883124EEC348980E5.exe
2012-01-24 21:02 . 2012-01-24 21:02 58640 ----a-r- c:\documents and settings\LSnelling\Application Data\Microsoft\Installer\{CDD4495B-0424-42F0-8D89-70D47E21BD69}\MyATTDesktopShortc_F98F597BB2C24BCA8A2E00E99FF50C40.exe
2012-01-24 21:02 . 2012-01-24 21:02 62736 ----a-r- c:\documents and settings\LSnelling\Application Data\Microsoft\Installer\{CDD4495B-0424-42F0-8D89-70D47E21BD69}\LSUStartShortcut1_0C445A24F06A4871AC024995E6B63EA6.exe
2012-01-24 21:02 . 2012-01-24 21:02 62736 ----a-r- c:\documents and settings\LSnelling\Application Data\Microsoft\Installer\{CDD4495B-0424-42F0-8D89-70D47E21BD69}\LSUDesktopShortcut_5E8B335F6B1645798E61AE17118989A8.exe
2012-01-24 21:02 . 2012-01-24 21:02 62736 ----a-r- c:\documents and settings\LSnelling\Application Data\Microsoft\Installer\{CDD4495B-0424-42F0-8D89-70D47E21BD69}\ARPPRODUCTICON.exe
2012-01-11 19:06 . 2012-02-16 05:43 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2004-08-11 22:11 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2005-03-25 01:30 . DD4A78CCAD89DA6BEA48EE805FDF23B5 . 84480 . . [5.2.3790.1830] . . c:\windows\system32\olepro32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-01-19 23:25 1811296 ----a-w- c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-01-19 1811296]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-09-04 160592]
"Push Client"="c:\documents and settings\LSnelling\Local Settings\Application Data\ATT Connect\Participant\pull.exe" [2010-06-03 965872]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-04-06 3905920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EpsonAPD4SV"="c:\program files\EPSON\EPSON Advanced Printer Driver 4\Tools\EAPSV\EAPSV.EXE" [2008-05-02 210304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2011-08-30 624056]
"Acrobat Speed Launch"="c:\program files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe" [2011-08-30 46520]
"Acrobat Synchronizer"="c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe" [2011-08-30 738776]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"nwiz"="nwiz.exe" [2007-12-05 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"hpbdfawep"="c:\program files\HP\Dfawep\bin\hpbdfawep.exe" [2007-04-25 954368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-01-26 2077536]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-01-19 939872]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-19 928096]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-02-17 296056]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Scanner File Utility.lnk - c:\program files\Kyocera\FileUtility\NsCatCom.exe [2008-7-11 335872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-08-03 07:26 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2011-08-30 18:24 624056 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Speed Launch]
2011-08-30 23:56 46520 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BuildBU]
2004-02-19 10:23 61440 ----a-w- c:\dell\bldbubg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2008-01-18 01:30 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-07-17 18:23 162328 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-07-26 23:03 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-07-17 18:23 141848 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 20:50 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 20:50 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2007-09-17 15:56 124200 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-07-17 18:23 137752 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2006-08-17 13:00 1116920 ----a-w- c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-09-25 00:12 1036288 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/23/2008 10:34 AM 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/23/2008 10:34 AM 243152]
R1 MpKsl3d156a07;MpKsl3d156a07;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DB78C8A8-47A4-4057-BAF0-422903FE2382}\MpKsl3d156a07.sys [4/6/2012 10:42 AM 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 7:38 PM 116608]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [6/20/2007 2:30 PM 79168]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [3/17/2010 9:39 AM 308136]
R2 EpsonPOSLog;Epson Point of Service Log Service;c:\program files\EPSON\EPSON Advanced Printer Driver 4\EpsonPHLog.exe [4/12/2008 5:10 AM 290816]
R2 EpsonPOSPort;Epson Point of Service Port Handler;c:\program files\EPSON\EPSON Advanced Printer Driver 4\EpsonPH.exe [6/2/2008 3:03 PM 368640]
R2 Esdpdx01;Esdpdx01;c:\windows\system32\drivers\ESDPDX01.SYS [12/25/2003 12:00 PM 95485]
R2 Local Print Agent;Local Print Agent;c:\program files\Local Print Agent\Local Print Agent.exe [12/22/2010 11:09 AM 111360]
R2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [1/19/2012 7:25 PM 909152]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/17/2012 2:42 PM 136176]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [10/26/2010 9:16 AM 167264]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/17/2012 2:42 PM 136176]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/11/2004 6:00 PM 14336]
S3 OKI OPHD DCS Loader;OKI OPHD DCS Loader;c:\windows\system32\spool\drivers\w32x86\3\OPHDLDCS.EXE [7/27/2007 9:56 AM 24576]
S3 TMUSB;EPSON USB Device Driver for TM/BA/EU Printers;c:\windows\system32\drivers\TMUSBXP.SYS [5/23/2008 11:44 AM 46336]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL3D156A07
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2012-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-17 18:42]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-17 18:42]
.
2012-04-06 c:\windows\Tasks\HP WEP.job
- c:\program files\HP\Dfawep\bin\hpbdfawep.exe [2007-04-25 18:28]
.
2012-04-05 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
.
2012-03-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1435559559-1872968729-455937231-2609.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-01-30 22:45]
.
2012-03-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1435559559-1872968729-455937231-2609.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-01-30 22:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.dogpile.com/
Trusted Zone: mstarproperties.com
TCP: DhcpNameServer = 10.0.0.250
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
DPF: {11004D63-D403-4128-BE38-BA8035F01AE4} - hxxp://www.centershift.com/csweb/components/csConsolidatedAccountManager.CAB
DPF: {1178E4A2-86B4-11D5-89FA-00C04F2FABD2} - hxxps://host01slc.centershift.com/store31/x/STANPin.CAB
DPF: {16FAC6F5-C570-4E77-9187-7ED6C9D6451C} - hxxps://host01slc.centershift.com/store31/x/csCXPlugIn.CAB
DPF: {306A3A9D-5711-468C-89E1-08B53607ADEC} - hxxp://www.centershift.com/csweb/components/Centershift_ClientManager31.CAB
DPF: {35A07B73-808D-409F-B12E-8EAE82154C78} - hxxp://www.centershift.com/csweb/components/msgPolling.CAB
DPF: {41A7F6B3-95E6-4E01-B370-DED12CA827B7} - hxxps://host01slc.centershift.com/store31/x/csPrint31.CAB
DPF: {52EEED38-6E2F-4B1D-AE39-99FBB56CF8B1} - hxxps://host01slc.centershift.com/store31/x/CSPayment.CAB
DPF: {567ACF49-8D60-4348-B92D-60BF0C2FE5E0} - hxxps://host01slc.centershift.com/store31/x/csDelProcAdmin01.CAB
DPF: {6B42B55C-583F-480C-861D-CED3FCAD3512} - hxxp://www.centershift.com/csweb/components/csAuctionAdmin.CAB
DPF: {6F27485C-ACBA-420D-AD25-44DE8FABB1EB} - hxxp://www.centershift.com/csweb/components/Project1.CAB
DPF: {7A162288-DE78-473C-A6BA-23FF17F768E9} - hxxps://attvd.uc.att.com/attvd/application/EventEntry/AxWebInstaller.cab
DPF: {846D1B10-EC6B-4334-9FFA-EABEC4E8F025} - hxxp://www.centershift.com/csweb/components/csCal.CAB
DPF: {98B2DBC7-131A-4F05-8500-AA6C457A6B58} - hxxp://www.centershift.com/csweb/components/CheckPIN.CAB
DPF: {9C2FC5A6-1D2B-434D-82D8-38652C74F43A} - hxxps://host01slc.centershift.com/store31/x/CSFSO.CAB
DPF: {9E84AFC0-6C29-43FE-8AB5-3A9701CBAB01} - hxxps://host01slc.centershift.com/store31/x/Gate31.CAB
DPF: {A61C74D0-3876-4CBD-9B75-61EC04FE31EE} - hxxp://www.centershift.com/csweb/components/csNavigator3.CAB
DPF: {A866B6B1-D925-4D7E-BDAD-B03EC0451464} - hxxp://www.centershift.com/csweb/components/csYM4.CAB
DPF: {C9BADB23-839E-48C7-BA37-4E1433F15E1C} - hxxps://host01slc.centershift.com/store31/x/STANChangeAddress.CAB
DPF: {E2DAB340-21E9-4795-8105-394CC6DF75BC} - hxxp://www.centershift.com/csweb/components/csStoSA.CAB
DPF: {E3C15E7A-56B3-4977-A76E-E9F1B2614FD8} - hxxps://host01slc.centershift.com/store31/x/ArchitectureAdmin.CAB
DPF: {EF783396-97FB-400B-A6B0-2AC5A74D65DF} - hxxps://host01slc.centershift.com/store31/x/csMap30.CAB
DPF: {F7A34E78-9C47-4B32-A425-4FF7B0E5F77F} - hxxp://www.centershift.com/csweb/components/csSearch.CAB
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.5.0_06\bin\jusched.exe
AddRemove-Coupon Printer for Windows4.0 - c:\program files\Coupons\uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-06 10:58
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(716)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2012-04-06 11:00:03
ComboFix-quarantined-files.txt 2012-04-06 15:00
.
Pre-Run: 47,505,915,904 bytes free
Post-Run: 48,596,250,624 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 81AB16148B24F2B757C1D9B004B923EA

Edit: Moved topic from Web Browsing/Email and Other Internet Applications to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:34 PM

Posted 11 April 2012 - 07:26 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 PlanetPluto

PlanetPluto
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Carolina, USA
  • Local time:12:34 PM

Posted 12 April 2012 - 08:20 AM

Hi m0le!
I'm here. I was worried that no one would help me (since I'm one of the dumb a$$e$ that decided to run Combofix without being instructed to do it). So, I'm very happy to have your attention. Please let me know next steps. I'll do a better job of following instructions.
Thanks!
Leigh

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:34 PM

Posted 12 April 2012 - 02:38 PM

Yes, we will still help you even though you ran Combofix.

Let's see if we can find the root cause

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Posted Image
m0le is a proud member of UNITE

#5 PlanetPluto

PlanetPluto
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Carolina, USA
  • Local time:12:34 PM

Posted 12 April 2012 - 03:38 PM

Hi m0le!

Turns out, I am capable of following directions! Ok - so, maybe only when I'm desperate and the soluton is as easy to me as Egyptian hieroglyphs. But, I think I got this right....thankfully, you can understand "compu-glyphs"...

Here is the log file, as requested:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-12 15:47:48
-----------------------------
15:47:48.284 OS Version: Windows 5.1.2600 Service Pack 3
15:47:48.284 Number of processors: 2 586 0xF0D
15:47:48.284 ComputerName: LSNELLING-DELL UserName: LSnelling
15:47:49.065 Initialize success
16:02:48.768 AVAST engine defs: 12041200
16:03:19.924 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:03:19.924 Disk 0 Vendor: Intel___ 1.0. Size: 76291MB BusType: 8
16:03:19.940 Disk 0 MBR read successfully
16:03:19.940 Disk 0 MBR scan
16:03:20.002 Disk 0 Windows XP default MBR code
16:03:20.002 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
16:03:20.034 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76238 MB offset 96390
16:03:20.049 Disk 0 scanning sectors +156232125
16:03:20.174 Disk 0 scanning C:\WINDOWS\system32\drivers
16:03:40.752 Service scanning
16:03:43.190 Service ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys **LOCKED** 32
16:04:01.830 Service MpKsl67abb2a2 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2D7EDA2E-1B1E-442D-8649-474DA51AA41E}\MpKsl67abb2a2.sys **LOCKED** 32
16:04:29.268 Modules scanning
16:04:38.315 Disk 0 trace - called modules:
16:04:38.315 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys >>UNKNOWN [0x89ce21a9]<<
16:04:38.330 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a71f030]
16:04:38.330 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8a72f030]
16:04:38.768 AVAST engine scan C:\WINDOWS
16:05:16.284 AVAST engine scan C:\WINDOWS\system32
16:09:44.971 AVAST engine scan C:\WINDOWS\system32\drivers
16:10:09.143 AVAST engine scan C:\Documents and Settings\LSnelling
16:12:55.580 AVAST engine scan C:\Documents and Settings\All Users
16:14:46.502 Scan finished successfully
16:15:58.596 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\LSnelling\Desktop\MBR.dat"
16:15:58.596 The log file has been saved successfully to "C:\Documents and Settings\LSnelling\Desktop\aswMBR.txt"

Please advise on next steps.
Thanks again!
Leigh

#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:34 PM

Posted 12 April 2012 - 06:53 PM

There's an UNKNOWN showing in the log which is usually bad news.

Please run TDSSKiller

  • Download TDSSKiller and save it to your Desktop.

  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.

  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l report.txt

  • Now click Start Scan.
  • If Malicious objects are found, ensure Cure is selected then click Continue > Reboot now.
  • Click Close
  • Finally press Report and copy and paste the contents into your next reply. If you've rebooted then the log will be found at C:\

Posted Image
m0le is a proud member of UNITE

#7 PlanetPluto

PlanetPluto
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Carolina, USA
  • Local time:12:34 PM

Posted 13 April 2012 - 08:43 AM

m0le, m0le, m0le!!!!!

You are the MAN!!! You did it!!! I can't explain how happy I am to see Google and Bing functioning again.
I'll still use www.dogpile.com as my primary search engine - simply out of loyalty (it didn't let me down when all other search engines failed) and it truly has been a good little search engine. This is wonderful. I think I'll quit my job, shave my head and skip off into the wildflowers in the countryside. Um, Ok - so I need the money, am fond of the hair and don't really care for wildflowers...but, I smiled for a minute over the thought.

Here is the log file. Microsoft Security Essentials did pop up after the scan with TDSSKiller and took credit for cleaning my computer. But I know the truth.... Please let me know if there is anything else I need to do.
Thank you, thank you, thank you.
-Leigh

09:11:21.0968 3568 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
09:11:22.0437 3568 ============================================================
09:11:22.0437 3568 Current date / time: 2012/04/13 09:11:22.0437
09:11:22.0437 3568 SystemInfo:
09:11:22.0437 3568
09:11:22.0437 3568 OS Version: 5.1.2600 ServicePack: 3.0
09:11:22.0437 3568 Product type: Workstation
09:11:22.0437 3568 ComputerName: LSNELLING-DELL
09:11:22.0453 3568 UserName: LSnelling
09:11:22.0453 3568 Windows directory: C:\WINDOWS
09:11:22.0453 3568 System windows directory: C:\WINDOWS
09:11:22.0453 3568 Processor architecture: Intel x86
09:11:22.0453 3568 Number of processors: 2
09:11:22.0453 3568 Page size: 0x1000
09:11:22.0468 3568 Boot type: Normal boot
09:11:22.0468 3568 ============================================================
09:11:23.0656 3568 Drive \Device\Harddisk0\DR0 - Size: 0x12A0300000 (74.50 Gb), SectorSize: 0x200, Cylinders: 0x25FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:11:23.0687 3568 \Device\Harddisk0\DR0:
09:11:23.0718 3568 MBR used
09:11:23.0718 3568 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x94E7137
09:11:23.0797 3568 Initialize success
09:11:23.0797 3568 ============================================================
09:11:51.0140 5912 ============================================================
09:11:51.0140 5912 Scan started
09:11:51.0140 5912 Mode: Manual;
09:11:51.0140 5912 ============================================================
09:11:52.0047 5912 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
09:11:52.0047 5912 !SASCORE - ok
09:11:52.0234 5912 Abiosdsk - ok
09:11:52.0343 5912 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
09:11:52.0343 5912 abp480n5 - ok
09:11:52.0437 5912 ACPI (d8fb7d1c3f5bfa3f53fe9cc6367e9e99) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:11:52.0500 5912 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: d8fb7d1c3f5bfa3f53fe9cc6367e9e99, Fake md5: 8fd99680a539792a30e97944fdaecf17
09:11:52.0500 5912 ACPI ( Virus.Win32.Rloader.a ) - infected
09:11:52.0500 5912 ACPI - detected Virus.Win32.Rloader.a (0)
09:11:52.0703 5912 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
09:11:52.0703 5912 ACPIEC - ok
09:11:52.0906 5912 ADIHdAudAddService (0f0a69496989912351284bb1baa2ce57) C:\WINDOWS\system32\drivers\ADIHdAud.sys
09:11:52.0953 5912 ADIHdAudAddService - ok
09:11:53.0093 5912 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
09:11:53.0093 5912 adpu160m - ok
09:11:53.0203 5912 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:11:53.0234 5912 aec - ok
09:11:53.0406 5912 AegisP (2f7f3e8da380325866e566f5d5ec23d5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
09:11:53.0484 5912 AegisP - ok
09:11:53.0625 5912 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:11:53.0687 5912 AFD - ok
09:11:53.0859 5912 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
09:11:53.0906 5912 agp440 - ok
09:11:53.0984 5912 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
09:11:53.0984 5912 agpCPQ - ok
09:11:54.0078 5912 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
09:11:54.0078 5912 Aha154x - ok
09:11:54.0250 5912 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
09:11:54.0250 5912 aic78u2 - ok
09:11:54.0343 5912 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
09:11:54.0359 5912 aic78xx - ok
09:11:54.0437 5912 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
09:11:54.0453 5912 Alerter - ok
09:11:54.0515 5912 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
09:11:54.0515 5912 ALG - ok
09:11:54.0656 5912 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
09:11:54.0656 5912 AliIde - ok
09:11:54.0734 5912 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
09:11:54.0734 5912 alim1541 - ok
09:11:54.0812 5912 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
09:11:54.0828 5912 amdagp - ok
09:11:54.0922 5912 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
09:11:54.0937 5912 amsint - ok
09:11:55.0234 5912 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
09:11:55.0250 5912 AppMgmt - ok
09:11:55.0406 5912 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
09:11:55.0406 5912 asc - ok
09:11:55.0484 5912 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
09:11:55.0484 5912 asc3350p - ok
09:11:55.0609 5912 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
09:11:55.0609 5912 asc3550 - ok
09:11:55.0687 5912 ASFIPmon (6295dd28d0ecbc4e6e450c279fef5ed9) C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
09:11:55.0703 5912 ASFIPmon - ok
09:11:55.0937 5912 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:11:56.0093 5912 aspnet_state - ok
09:11:56.0234 5912 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:11:56.0234 5912 AsyncMac - ok
09:11:56.0328 5912 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:11:56.0343 5912 atapi - ok
09:11:56.0547 5912 Atdisk - ok
09:11:56.0593 5912 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:11:56.0640 5912 Atmarpc - ok
09:11:56.0734 5912 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
09:11:56.0765 5912 AudioSrv - ok
09:11:56.0828 5912 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:11:56.0843 5912 audstub - ok
09:11:57.0047 5912 AVG Security Toolbar Service (d45b7995761253a92ab071d576114f28) C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
09:11:57.0062 5912 AVG Security Toolbar Service - ok
09:11:57.0172 5912 avg9wd (c4d15594db5be042d3346ea58df87d89) C:\Program Files\AVG\AVG9\avgwdsvc.exe
09:11:57.0187 5912 avg9wd - ok
09:11:57.0406 5912 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\System32\Drivers\avgldx86.sys
09:11:57.0453 5912 AvgLdx86 - ok
09:11:57.0531 5912 AvgMfx86 (80ff2b1b7eeda966394f0baa895bbf4b) C:\WINDOWS\System32\Drivers\avgmfx86.sys
09:11:57.0562 5912 AvgMfx86 - ok
09:11:57.0703 5912 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\WINDOWS\System32\Drivers\avgtdix.sys
09:11:57.0703 5912 AvgTdiX - ok
09:11:57.0781 5912 b57w2k (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
09:11:57.0828 5912 b57w2k - ok
09:11:57.0937 5912 BASFND (5c68ac6f3e5b3e6d6a78e97d05e42c3a) C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
09:11:57.0953 5912 BASFND - ok
09:11:58.0140 5912 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:11:58.0140 5912 Beep - ok
09:11:58.0297 5912 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
09:11:58.0343 5912 BITS - ok
09:11:58.0515 5912 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
09:11:58.0531 5912 Browser - ok
09:11:58.0968 5912 catchme - ok
09:11:59.0328 5912 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
09:11:59.0328 5912 cbidf - ok
09:11:59.0437 5912 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:11:59.0437 5912 cbidf2k - ok
09:11:59.0515 5912 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
09:11:59.0547 5912 cd20xrnt - ok
09:11:59.0672 5912 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:11:59.0672 5912 Cdaudio - ok
09:11:59.0906 5912 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:11:59.0937 5912 Cdfs - ok
09:12:00.0047 5912 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:12:00.0047 5912 Cdrom - ok
09:12:00.0172 5912 Changer - ok
09:12:00.0250 5912 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
09:12:00.0265 5912 CiSvc - ok
09:12:00.0359 5912 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
09:12:00.0359 5912 ClipSrv - ok
09:12:00.0468 5912 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:12:00.0593 5912 clr_optimization_v2.0.50727_32 - ok
09:12:00.0718 5912 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
09:12:00.0718 5912 CmdIde - ok
09:12:00.0828 5912 COMSysApp - ok
09:12:00.0984 5912 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
09:12:01.0015 5912 Cpqarray - ok
09:12:01.0156 5912 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
09:12:01.0156 5912 CryptSvc - ok
09:12:01.0312 5912 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
09:12:01.0343 5912 dac2w2k - ok
09:12:01.0468 5912 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
09:12:01.0468 5912 dac960nt - ok
09:12:01.0547 5912 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
09:12:01.0562 5912 DcomLaunch - ok
09:12:01.0625 5912 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
09:12:01.0625 5912 Dhcp - ok
09:12:01.0750 5912 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:12:01.0750 5912 Disk - ok
09:12:01.0875 5912 DLABMFSM (0659e6e0a95564f958d9df7313f7701e) C:\WINDOWS\system32\DLA\DLABMFSM.SYS
09:12:01.0890 5912 DLABMFSM - ok
09:12:02.0031 5912 DLABOIOM (8691c78908f0bd66170669db268369f2) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
09:12:02.0140 5912 DLABOIOM - ok
09:12:02.0187 5912 DLACDBHM (76167b5eb2dffc729edc36386876b40b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
09:12:02.0203 5912 DLACDBHM - ok
09:12:02.0234 5912 DLADResM (5615744a1056933b90e6ac54feb86f35) C:\WINDOWS\system32\DLA\DLADResM.SYS
09:12:02.0281 5912 DLADResM - ok
09:12:02.0281 5912 DLAIFS_M (1aeca2afa5005ce4a550cf8eb55a8c88) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
09:12:02.0297 5912 DLAIFS_M - ok
09:12:02.0297 5912 DLAOPIOM (840e7f6abb885c72b9ffddb022ef5b6d) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
09:12:02.0297 5912 DLAOPIOM - ok
09:12:02.0359 5912 DLAPoolM (0294d18731ac05da80132ce88f8a876b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
09:12:02.0359 5912 DLAPoolM - ok
09:12:02.0359 5912 DLARTL_M (91886fed52a3f9966207bce46cfd794f) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
09:12:02.0359 5912 DLARTL_M - ok
09:12:02.0375 5912 DLAUDFAM (cca4e121d599d7d1706a30f603731e59) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
09:12:02.0375 5912 DLAUDFAM - ok
09:12:02.0422 5912 DLAUDF_M (7dab85c33135df24419951da4e7d38e5) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
09:12:02.0515 5912 DLAUDF_M - ok
09:12:02.0578 5912 dmadmin - ok
09:12:02.0750 5912 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
09:12:02.0828 5912 dmboot - ok
09:12:03.0031 5912 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
09:12:03.0062 5912 dmio - ok
09:12:03.0172 5912 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:12:03.0187 5912 dmload - ok
09:12:03.0328 5912 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
09:12:03.0359 5912 dmserver - ok
09:12:03.0500 5912 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:12:03.0515 5912 DMusic - ok
09:12:03.0625 5912 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
09:12:03.0625 5912 Dnscache - ok
09:12:03.0734 5912 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
09:12:03.0750 5912 Dot3svc - ok
09:12:03.0828 5912 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
09:12:03.0843 5912 dpti2o - ok
09:12:04.0047 5912 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:12:04.0047 5912 drmkaud - ok
09:12:04.0172 5912 DRVMCDB (c00440385cf9f3d142917c63f989e244) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
09:12:04.0203 5912 DRVMCDB - ok
09:12:04.0265 5912 DRVNDDM (6e6ab29d3c06e64ce81feacda85394b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
09:12:04.0265 5912 DRVNDDM - ok
09:12:04.0531 5912 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
09:12:04.0531 5912 E100B - ok
09:12:04.0625 5912 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
09:12:04.0640 5912 EapHost - ok
09:12:04.0797 5912 EpsonPOSLog (37a50ab52f21fd38247ab3e572e73af7) C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\EpsonPHLog.exe
09:12:04.0968 5912 EpsonPOSLog - ok
09:12:05.0093 5912 EpsonPOSPort (e79992e54d054d702730288bf6cd7eb2) C:\Program Files\EPSON\EPSON Advanced Printer Driver 4\EpsonPH.exe
09:12:05.0125 5912 EpsonPOSPort - ok
09:12:05.0250 5912 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
09:12:05.0281 5912 ERSvc - ok
09:12:05.0422 5912 Esdpdx01 (b33fa05b6fdfd75115ef3e9d72cf0027) C:\WINDOWS\system32\Drivers\ESDPDX01.SYS
09:12:05.0500 5912 Esdpdx01 - ok
09:12:05.0656 5912 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:12:05.0703 5912 Eventlog - ok
09:12:05.0765 5912 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
09:12:05.0765 5912 EventSystem - ok
09:12:05.0906 5912 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:12:05.0906 5912 Fastfat - ok
09:12:06.0093 5912 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:12:06.0109 5912 FastUserSwitchingCompatibility - ok
09:12:06.0297 5912 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
09:12:06.0297 5912 Fax - ok
09:12:06.0453 5912 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
09:12:06.0468 5912 Fdc - ok
09:12:06.0672 5912 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
09:12:06.0703 5912 Fips - ok
09:12:06.0922 5912 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:12:06.0968 5912 FLEXnet Licensing Service - ok
09:12:07.0187 5912 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:12:07.0187 5912 Flpydisk - ok
09:12:07.0359 5912 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
09:12:07.0390 5912 FltMgr - ok
09:12:07.0625 5912 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:12:07.0687 5912 FontCache3.0.0.0 - ok
09:12:07.0843 5912 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:12:07.0875 5912 Fs_Rec - ok
09:12:08.0125 5912 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:12:08.0140 5912 Ftdisk - ok
09:12:08.0281 5912 getPlusHelper (9599a713e1776b8f69300fc9008f33c1) C:\Program Files\NOS\bin\getPlus_Helper.dll
09:12:08.0297 5912 getPlusHelper - ok
09:12:08.0453 5912 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:12:08.0453 5912 Gpc - ok
09:12:08.0687 5912 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
09:12:08.0687 5912 gupdate - ok
09:12:08.0718 5912 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
09:12:08.0718 5912 gupdatem - ok
09:12:08.0812 5912 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:12:08.0875 5912 gusvc - ok
09:12:09.0187 5912 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:12:09.0218 5912 HDAudBus - ok
09:12:09.0453 5912 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:12:09.0515 5912 helpsvc - ok
09:12:09.0609 5912 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
09:12:09.0609 5912 HidServ - ok
09:12:09.0781 5912 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:12:09.0812 5912 HidUsb - ok
09:12:10.0109 5912 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
09:12:10.0125 5912 hkmsvc - ok
09:12:10.0265 5912 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
09:12:10.0281 5912 hpn - ok
09:12:10.0406 5912 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:12:10.0422 5912 HTTP - ok
09:12:10.0593 5912 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
09:12:10.0625 5912 HTTPFilter - ok
09:12:10.0843 5912 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
09:12:10.0843 5912 i2omgmt - ok
09:12:11.0156 5912 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
09:12:11.0172 5912 i2omp - ok
09:12:11.0375 5912 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:12:11.0390 5912 i8042prt - ok
09:12:11.0547 5912 IAANTMON (6ac8ac8e3b413fa1ee8256e65fe0ba72) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
09:12:11.0578 5912 IAANTMON - ok
09:12:12.0328 5912 ialm (12c7f8d581c4a9f126f5f8f5683a1c29) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
09:12:13.0015 5912 ialm - ok
09:12:13.0312 5912 iaStor (bdc361489a7f22e568060fa6fb3c960e) C:\WINDOWS\system32\drivers\iaStor.sys
09:12:13.0312 5912 iaStor - ok
09:12:13.0531 5912 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:12:13.0578 5912 idsvc - ok
09:12:13.0750 5912 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:12:13.0750 5912 Imapi - ok
09:12:13.0937 5912 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
09:12:13.0937 5912 ImapiService - ok
09:12:14.0078 5912 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
09:12:14.0093 5912 ini910u - ok
09:12:14.0156 5912 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
09:12:14.0156 5912 IntelIde - ok
09:12:14.0250 5912 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:12:14.0312 5912 intelppm - ok
09:12:14.0500 5912 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:12:14.0547 5912 Ip6Fw - ok
09:12:14.0672 5912 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:12:14.0687 5912 IpFilterDriver - ok
09:12:14.0812 5912 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:12:14.0812 5912 IpInIp - ok
09:12:14.0937 5912 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:12:15.0093 5912 IpNat - ok
09:12:15.0218 5912 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:12:15.0265 5912 IPSec - ok
09:12:15.0390 5912 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:12:15.0390 5912 IRENUM - ok
09:12:15.0578 5912 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:12:15.0609 5912 isapnp - ok
09:12:15.0797 5912 JavaQuickStarterService (9dba73c2f1e76ec4cb837e67c5743596) C:\Program Files\Java\jre6\bin\jqs.exe
09:12:15.0797 5912 JavaQuickStarterService - ok
09:12:16.0156 5912 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:12:16.0187 5912 Kbdclass - ok
09:12:16.0390 5912 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:12:16.0422 5912 kbdhid - ok
09:12:16.0484 5912 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:12:16.0625 5912 kmixer - ok
09:12:16.0718 5912 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:12:16.0734 5912 KSecDD - ok
09:12:16.0843 5912 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
09:12:16.0859 5912 lanmanserver - ok
09:12:16.0953 5912 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
09:12:17.0015 5912 lanmanworkstation - ok
09:12:17.0172 5912 lbrtfdc - ok
09:12:17.0250 5912 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
09:12:17.0265 5912 LmHosts - ok
09:12:17.0359 5912 Local Print Agent (4b191ede02cd6d1bd026ee295fdd29bc) C:\Program Files\Local Print Agent\Local Print Agent.exe
09:12:17.0390 5912 Local Print Agent - ok
09:12:17.0562 5912 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
09:12:17.0578 5912 MDM - ok
09:12:17.0765 5912 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
09:12:17.0797 5912 Messenger - ok
09:12:18.0000 5912 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:12:18.0031 5912 Microsoft Office Groove Audit Service - ok
09:12:18.0250 5912 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:12:18.0281 5912 mnmdd - ok
09:12:18.0422 5912 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
09:12:18.0437 5912 mnmsrvc - ok
09:12:18.0484 5912 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
09:12:18.0484 5912 Modem - ok
09:12:18.0562 5912 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:12:18.0609 5912 Mouclass - ok
09:12:18.0718 5912 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:12:18.0750 5912 mouhid - ok
09:12:18.0890 5912 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:12:18.0890 5912 MountMgr - ok
09:12:19.0078 5912 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
09:12:19.0093 5912 MpFilter - ok
09:12:19.0468 5912 MpKsl8beaafdb (a69630d039c38018689190234f866d77) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C5A755E-4F3F-4E18-B72C-10343B45B405}\MpKsl8beaafdb.sys
09:12:19.0468 5912 MpKsl8beaafdb - ok
09:12:19.0718 5912 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
09:12:19.0718 5912 mraid35x - ok
09:12:19.0953 5912 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:12:19.0953 5912 MRxDAV - ok
09:12:20.0125 5912 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:12:20.0234 5912 MRxSmb - ok
09:12:20.0406 5912 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
09:12:20.0422 5912 MSDTC - ok
09:12:20.0718 5912 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:12:20.0750 5912 Msfs - ok
09:12:20.0797 5912 MSIServer - ok
09:12:20.0968 5912 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:12:20.0968 5912 MSKSSRV - ok
09:12:21.0109 5912 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
09:12:21.0109 5912 MsMpSvc - ok
09:12:21.0265 5912 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:12:21.0265 5912 MSPCLOCK - ok
09:12:21.0359 5912 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:12:21.0390 5912 MSPQM - ok
09:12:21.0500 5912 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:12:21.0515 5912 mssmbios - ok
09:12:21.0828 5912 MSSQL$MSSMLBIZ - ok
09:12:21.0953 5912 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
09:12:21.0953 5912 MSSQLServerADHelper - ok
09:12:22.0125 5912 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:12:22.0203 5912 Mup - ok
09:12:22.0406 5912 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
09:12:22.0453 5912 napagent - ok
09:12:22.0703 5912 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:12:22.0781 5912 NDIS - ok
09:12:22.0968 5912 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:12:22.0984 5912 NdisTapi - ok
09:12:23.0109 5912 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:12:23.0156 5912 Ndisuio - ok
09:12:23.0218 5912 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:12:23.0234 5912 NdisWan - ok
09:12:23.0422 5912 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:12:23.0453 5912 NDProxy - ok
09:12:23.0547 5912 Net Driver HPZ12 (ec5e4025d3be33055da6ab09238d51bd) C:\WINDOWS\system32\HPZinw12.dll
09:12:23.0593 5912 Net Driver HPZ12 - ok
09:12:23.0640 5912 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:12:23.0640 5912 NetBIOS - ok
09:12:23.0765 5912 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:12:23.0765 5912 NetBT - ok
09:12:23.0812 5912 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:12:23.0828 5912 NetDDE - ok
09:12:23.0828 5912 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:12:23.0828 5912 NetDDEdsdm - ok
09:12:23.0922 5912 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:12:23.0953 5912 Netlogon - ok
09:12:24.0047 5912 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
09:12:24.0062 5912 Netman - ok
09:12:24.0218 5912 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:12:24.0265 5912 NetTcpPortSharing - ok
09:12:24.0453 5912 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
09:12:24.0453 5912 Nla - ok
09:12:24.0578 5912 nosGetPlusHelper (ef7a048fe8e3f102c78c9bd7c448bb6c) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
09:12:24.0578 5912 nosGetPlusHelper - ok
09:12:24.0890 5912 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:12:24.0922 5912 Npfs - ok
09:12:25.0218 5912 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:12:25.0250 5912 Ntfs - ok
09:12:25.0390 5912 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:12:25.0390 5912 NtLmSsp - ok
09:12:25.0578 5912 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
09:12:25.0578 5912 NtmsSvc - ok
09:12:25.0734 5912 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:12:25.0765 5912 Null - ok
09:12:26.0500 5912 nv (8c0456001b6900114bbb1c548bd8aaf5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:12:27.0203 5912 nv - ok
09:12:27.0453 5912 NVSvc (472a00d2183c9e5edb3e076272741812) C:\WINDOWS\system32\nvsvc32.exe
09:12:27.0468 5912 NVSvc - ok
09:12:27.0562 5912 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:12:27.0562 5912 NwlnkFlt - ok
09:12:27.0609 5912 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:12:27.0609 5912 NwlnkFwd - ok
09:12:27.0828 5912 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:12:27.0843 5912 odserv - ok
09:12:28.0078 5912 OKI OPHD DCS Loader (5ef635b8440db8596248b5f93a60f355) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHDLDCS.EXE
09:12:28.0093 5912 OKI OPHD DCS Loader - ok
09:12:28.0187 5912 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:12:28.0203 5912 ose - ok
09:12:28.0547 5912 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:12:28.0578 5912 Parport - ok
09:12:28.0703 5912 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:12:28.0703 5912 PartMgr - ok
09:12:28.0922 5912 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:12:28.0922 5912 ParVdm - ok
09:12:29.0062 5912 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:12:29.0093 5912 PCI - ok
09:12:29.0156 5912 PCIDump - ok
09:12:29.0172 5912 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:12:29.0187 5912 PCIIde - ok
09:12:29.0297 5912 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:12:29.0297 5912 Pcmcia - ok
09:12:29.0343 5912 PDCOMP - ok
09:12:29.0375 5912 PDFRAME - ok
09:12:29.0422 5912 PDRELI - ok
09:12:29.0453 5912 PDRFRAME - ok
09:12:29.0531 5912 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
09:12:29.0547 5912 perc2 - ok
09:12:29.0734 5912 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:12:29.0734 5912 perc2hib - ok
09:12:29.0875 5912 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:12:29.0875 5912 PlugPlay - ok
09:12:30.0015 5912 Pml Driver HPZ12 (2b81b089d9364083f5046ad1307a65be) C:\WINDOWS\system32\HPZipm12.dll
09:12:30.0031 5912 Pml Driver HPZ12 - ok
09:12:30.0140 5912 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:12:30.0140 5912 PolicyAgent - ok
09:12:30.0343 5912 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:12:30.0359 5912 PptpMiniport - ok
09:12:30.0468 5912 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:12:30.0468 5912 ProtectedStorage - ok
09:12:30.0703 5912 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:12:30.0765 5912 PSched - ok
09:12:30.0984 5912 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:12:30.0984 5912 Ptilink - ok
09:12:31.0406 5912 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:12:31.0468 5912 PxHelp20 - ok
09:12:31.0609 5912 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:12:31.0609 5912 ql1080 - ok
09:12:31.0703 5912 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:12:31.0734 5912 Ql10wnt - ok
09:12:31.0797 5912 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:12:31.0828 5912 ql12160 - ok
09:12:31.0906 5912 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:12:31.0937 5912 ql1240 - ok
09:12:32.0000 5912 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:12:32.0015 5912 ql1280 - ok
09:12:32.0265 5912 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:12:32.0265 5912 RasAcd - ok
09:12:32.0343 5912 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
09:12:32.0343 5912 RasAuto - ok
09:12:32.0593 5912 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:12:32.0625 5912 Rasl2tp - ok
09:12:32.0718 5912 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
09:12:32.0734 5912 RasMan - ok
09:12:32.0875 5912 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:12:32.0875 5912 RasPppoe - ok
09:12:32.0937 5912 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:12:33.0047 5912 Raspti - ok
09:12:33.0172 5912 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:12:33.0187 5912 Rdbss - ok
09:12:33.0281 5912 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:12:33.0297 5912 RDPCDD - ok
09:12:33.0484 5912 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:12:33.0547 5912 rdpdr - ok
09:12:33.0656 5912 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
09:12:33.0687 5912 RDPWD - ok
09:12:33.0718 5912 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
09:12:33.0797 5912 RDSessMgr - ok
09:12:34.0031 5912 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:12:34.0031 5912 redbook - ok
09:12:34.0218 5912 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
09:12:34.0234 5912 RemoteAccess - ok
09:12:34.0343 5912 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
09:12:34.0343 5912 RemoteRegistry - ok
09:12:34.0422 5912 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
09:12:34.0437 5912 RpcLocator - ok
09:12:34.0640 5912 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
09:12:34.0640 5912 RpcSs - ok
09:12:34.0890 5912 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
09:12:34.0922 5912 RSVP - ok
09:12:35.0172 5912 RT61 (581e74880aeb1dba1cb5ac8e6e6c0a69) C:\WINDOWS\system32\DRIVERS\RT61.sys
09:12:35.0187 5912 RT61 - ok
09:12:35.0281 5912 SABProcEnum - ok
09:12:35.0406 5912 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:12:35.0406 5912 SamSs - ok
09:12:35.0484 5912 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
09:12:35.0484 5912 SASDIFSV - ok
09:12:35.0500 5912 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
09:12:35.0500 5912 SASKUTIL - ok
09:12:35.0547 5912 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
09:12:35.0562 5912 SCardSvr - ok
09:12:35.0672 5912 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
09:12:35.0750 5912 Schedule - ok
09:12:35.0984 5912 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:12:35.0984 5912 Secdrv - ok
09:12:36.0140 5912 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
09:12:36.0156 5912 seclogon - ok
09:12:36.0359 5912 SenFiltService (b6a6b409fda9d9ebd3aadb838d3d7173) C:\WINDOWS\system32\drivers\Senfilt.sys
09:12:36.0375 5912 SenFiltService - ok
09:12:36.0531 5912 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
09:12:36.0531 5912 SENS - ok
09:12:36.0672 5912 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:12:36.0672 5912 serenum - ok
09:12:36.0718 5912 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
09:12:36.0734 5912 Serial - ok
09:12:36.0937 5912 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:12:36.0937 5912 Sfloppy - ok
09:12:37.0047 5912 SFUSVC (5944ecbcf555dedd7f48f9982d5ddff4) C:\Program Files\Kyocera\FileUtility\SFUSVC.exe
09:12:37.0062 5912 SFUSVC - ok
09:12:37.0250 5912 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
09:12:37.0265 5912 SharedAccess - ok
09:12:37.0437 5912 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:12:37.0437 5912 ShellHWDetection - ok
09:12:37.0453 5912 Simbad - ok
09:12:37.0562 5912 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:12:37.0562 5912 sisagp - ok
09:12:37.0718 5912 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:12:37.0750 5912 Sparrow - ok
09:12:37.0984 5912 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:12:38.0047 5912 splitter - ok
09:12:38.0250 5912 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:12:38.0281 5912 Spooler - ok
09:12:38.0453 5912 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:12:38.0453 5912 SQLBrowser - ok
09:12:38.0547 5912 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:12:38.0578 5912 SQLWriter - ok
09:12:38.0875 5912 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:12:38.0875 5912 sr - ok
09:12:39.0047 5912 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
09:12:39.0078 5912 srservice - ok
09:12:39.0297 5912 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:12:39.0375 5912 Srv - ok
09:12:39.0468 5912 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
09:12:39.0500 5912 SSDPSRV - ok
09:12:39.0672 5912 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
09:12:39.0859 5912 stisvc - ok
09:12:39.0953 5912 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:12:39.0968 5912 stllssvr - ok
09:12:40.0203 5912 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:12:40.0250 5912 swenum - ok
09:12:40.0390 5912 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:12:40.0390 5912 swmidi - ok
09:12:40.0453 5912 SwPrv - ok
09:12:40.0609 5912 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
09:12:40.0656 5912 symc810 - ok
09:12:40.0765 5912 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:12:40.0781 5912 symc8xx - ok
09:12:40.0875 5912 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:12:40.0875 5912 sym_hi - ok
09:12:41.0047 5912 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:12:41.0047 5912 sym_u3 - ok
09:12:41.0375 5912 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:12:41.0390 5912 sysaudio - ok
09:12:41.0468 5912 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
09:12:41.0468 5912 SysmonLog - ok
09:12:41.0593 5912 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
09:12:41.0625 5912 TapiSrv - ok
09:12:41.0797 5912 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:12:41.0828 5912 Tcpip - ok
09:12:42.0109 5912 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:12:42.0109 5912 TDPIPE - ok
09:12:42.0172 5912 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:12:42.0172 5912 TDTCP - ok
09:12:42.0297 5912 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:12:42.0328 5912 TermDD - ok
09:12:42.0437 5912 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
09:12:42.0453 5912 TermService - ok
09:12:42.0547 5912 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:12:42.0562 5912 Themes - ok
09:12:42.0734 5912 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
09:12:42.0750 5912 TlntSvr - ok
09:12:42.0843 5912 TMUSB (d21ae9fff1d3fc7cab601f6ac86408e6) C:\WINDOWS\system32\DRIVERS\TMUSBXP.SYS
09:12:42.0875 5912 TMUSB - ok
09:12:43.0062 5912 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
09:12:43.0062 5912 TosIde - ok
09:12:43.0234 5912 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
09:12:43.0265 5912 TrkWks - ok
09:12:43.0406 5912 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:12:43.0437 5912 Udfs - ok
09:12:43.0500 5912 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
09:12:43.0515 5912 ultra - ok
09:12:43.0718 5912 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:12:43.0937 5912 Update - ok
09:12:44.0312 5912 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
09:12:44.0343 5912 upnphost - ok
09:12:44.0500 5912 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
09:12:44.0500 5912 UPS - ok
09:12:44.0656 5912 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:12:44.0656 5912 usbehci - ok
09:12:44.0718 5912 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:12:44.0734 5912 usbhub - ok
09:12:44.0843 5912 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:12:44.0890 5912 usbprint - ok
09:12:45.0047 5912 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:12:45.0078 5912 usbscan - ok
09:12:45.0140 5912 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:12:45.0140 5912 USBSTOR - ok
09:12:45.0312 5912 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:12:45.0359 5912 usbuhci - ok
09:12:45.0515 5912 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:12:45.0531 5912 VgaSave - ok
09:12:45.0687 5912 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:12:45.0687 5912 viaagp - ok
09:12:45.0859 5912 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
09:12:45.0875 5912 ViaIde - ok
09:12:46.0000 5912 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:12:46.0015 5912 VolSnap - ok
09:12:46.0172 5912 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
09:12:46.0187 5912 VSS - ok
09:12:46.0437 5912 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
09:12:46.0547 5912 vToolbarUpdater10.2.0 - ok
09:12:46.0812 5912 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
09:12:46.0828 5912 w32time - ok
09:12:46.0937 5912 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:12:47.0000 5912 Wanarp - ok
09:12:47.0328 5912 WDICA - ok
09:12:47.0484 5912 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:12:47.0515 5912 wdmaud - ok
09:12:47.0656 5912 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
09:12:47.0672 5912 WebClient - ok
09:12:47.0890 5912 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:12:47.0906 5912 winmgmt - ok
09:12:48.0156 5912 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
09:12:48.0156 5912 WmdmPmSN - ok
09:12:48.0281 5912 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
09:12:48.0281 5912 Wmi - ok
09:12:48.0437 5912 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:12:48.0453 5912 WmiApSrv - ok
09:12:48.0593 5912 WMP54Gv4SVC (e8c30ef9bbc6ddb71f0f77fa3a96515f) C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
09:12:48.0609 5912 WMP54Gv4SVC - ok
09:12:48.0781 5912 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
09:12:48.0922 5912 WMPNetworkSvc - ok
09:12:49.0218 5912 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:12:49.0234 5912 WS2IFSL - ok
09:12:49.0422 5912 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
09:12:49.0422 5912 wscsvc - ok
09:12:49.0484 5912 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
09:12:49.0515 5912 wuauserv - ok
09:12:49.0625 5912 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:12:49.0625 5912 WudfPf - ok
09:12:49.0718 5912 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:12:49.0734 5912 WudfRd - ok
09:12:49.0875 5912 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
09:12:49.0875 5912 WudfSvc - ok
09:12:50.0000 5912 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
09:12:50.0187 5912 WZCSVC - ok
09:12:50.0281 5912 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
09:12:50.0281 5912 xmlprov - ok
09:12:50.0312 5912 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
09:12:50.0547 5912 \Device\Harddisk0\DR0 - ok
09:12:50.0562 5912 Boot (0x1200) (d03432aaa3ce6eef57dd6e0c9f919b50) \Device\Harddisk0\DR0\Partition0
09:12:50.0562 5912 \Device\Harddisk0\DR0\Partition0 - ok
09:12:50.0562 5912 ============================================================
09:12:50.0562 5912 Scan finished
09:12:50.0562 5912 ============================================================
09:12:50.0578 2876 Detected object count: 1
09:12:50.0578 2876 Actual detected object count: 1
09:13:26.0437 2876 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
09:13:30.0390 2876 Backup copy found, using it..
09:13:30.0468 2876 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
09:13:30.0500 2876 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
09:14:37.0265 3732 Deinitialize success

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:34 PM

Posted 13 April 2012 - 07:38 PM

Hey, thanks. That's why I do this :thumbup2:

Please run an ESET scan next, to pick off anything else you may have caught - this can take a while but it's a very through search

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • Copy and paste the resulting log in your next reply
If no log is generated that means nothing was found. Please let me know if this happens.

If you think a log should have been generated then go to C:\Program Files\ESET\ESET Online Scanner\log.txt to find it.
Posted Image
m0le is a proud member of UNITE

#9 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:34 PM

Posted 18 April 2012 - 07:21 PM

Are you still there, PlanetPluto?
Posted Image
m0le is a proud member of UNITE

#10 PlanetPluto

PlanetPluto
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Carolina, USA
  • Local time:12:34 PM

Posted 19 April 2012 - 08:27 AM

Hi m0le!
Sorry for the MIA status...
Every two weeks, I am very busy on Monday and Tuesday due to deadlines with my job. This was the week....it rolled into Wednesday and was still insanely busy. But, I've got the job under control today and can breathe again.
Now that I know how great you are at fixing things, can you add 2 more hours to my day? A 26 hour day would be awesome... Please don't bump me...will do the scan right now and post reply.
I am very appreciative of your help. Truly, life just kicked me in the clock this week.
Be back as soon as the scan completes.....
Leigh

Edited by m0le, 19 April 2012 - 05:35 PM.


#11 PlanetPluto

PlanetPluto
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Carolina, USA
  • Local time:12:34 PM

Posted 19 April 2012 - 10:21 AM

Hi m0le!

You were right again... There was one more virus on my computer. ESET seems to have found it and cleaned the computer. Here is the log file.

I misspelled TRULY in earlier post. Insert the R for me. Also, just noticed you are in UK, so 'MIA' may not make sense to you. It means 'Missing In Action'. Acronym common in US language and a throw back to Vietnam War 1960's/70's when many US soldiers disappeared and did not return. (Your "Mind the Gap" would confuse most Americans, but is very common place to you).

Thanks again for your help.
Leigh


ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=0ec51e157204f94b8e5ac2999874045e
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-04-19 02:59:32
# local_time=2012-04-19 10:59:32 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1024 16777175 100 0 66471705 66471705 0 0
# compatibility_mode=5891 16776533 42 87 0 30820739 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=65605
# found=1
# cleaned=1
# scan_time=3789
C:\Documents and Settings\LSnelling\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\oyeblmla.jar-7a83b422-5a2389dd.zip Java/Agent.AA trojan (deleted - quarantined) 00000000000000000000000000000000 C

#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:34 PM

Posted 19 April 2012 - 05:46 PM

I misspelled TRULY in earlier post.

Edited. :)

Also, just noticed you are in UK, so 'MIA' may not make sense to you.

That may have been true in the past but the UK gets plenty of US TV and film material and I love it!

Your "Mind the Gap" would confuse most Americans, but is very common place to you.

That's probably still true...


The ESET scan marks the end of this topic, except we need to clear up and I need to give you some useful tips and links which should help you stay safe in the future.

You're clean. Good stuff! :thumbup2:

Let's do some clearing up

If you used DeFogger now is the time to enable your CD emulation software again.

We Need to Clean Up our Mess
Download and Run OTC

We will now remove the tools we used during this fix using OTC.

  • Download OTC by OldTimer and save it to your desktop.
  • Double click Posted Image icon to start the program. If you are using Vista, please right-click and choose run as administrator
  • Then Click the big Posted Image button.
  • You will get a prompt saying "Being Cleanup Process". Please select Yes.
  • Restart your computer when prompted.
If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.
------------------------------------------------------------------------------------------------------------------------

Here's some advice on how you can keep your PC clean


Use and update your AntiVirus Software

You must have a good antivirus. There are plenty to choose from but I personally recommend the free options of Avast and Avira Antivir - though if you choose Avira you should make sure that you uncheck the box offering to install the Ask toolbar. If you want to purchase a security program then I recommend any of the following: AVG, Norton, McAfee, Kaspersky and ESET Nod32.

It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out. If you use a commercial antivirus program you must make sure you keep renewing your subscription. Otherwise, once your subscription runs out, you may not be able to update the programs virus definitions.


Make sure your applications have all of their updates

Use this next program to check for updates for programs already on your system. Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically, make sure that updates on any that are flagged are carried out as soon as possible

It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.


Install an AntiSpyware Program

A highly recommended AntiSpyware program is SuperAntiSpyware. You can download the free Home Version. or the Pro version for a 15 day trial period.

Installing this or another recommended program will provide spyware & hijacker protection on your computer alongside your virus protection. You should scan your computer with an AntiSpyware program on a regular basis just as you would an antivirus software.


Finally, here's a treasure trove of antivirus, antimalware and antispyware resources


That's it PlanetPluto (aren't you called DwarfPlanetPluto now.. :lol:) , happy surfing!

Cheers.

m0le
Posted Image
m0le is a proud member of UNITE

#13 PlanetPluto

PlanetPluto
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Carolina, USA
  • Local time:12:34 PM

Posted 20 April 2012 - 08:59 AM

m0le:

So, this is good-bye. Thank you so very much for your help. My computer is working perfectly.

The daily frustration of my computer not co-operating with me was actually impacting my personality and making me angry. My inability to fix my own problem made me even angrier. (I'm an abnormally happy person, so this is not a good thing).

Your brilliance didn't just fix my computer, you fixed my attitude! I will make sure to donate to UNITE. Please know that you were worth a lot more than I'll be able to contribute. Even though I'll not be able to repay you for your help, I sincerely hope that something good comes your way.

You are appreciated.
Have a wonderful life.

Leigh (dwarf planet pluto)

#14 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:34 PM

Posted 20 April 2012 - 05:50 PM

Thank you for those kind words, they mean a lot. :thumbup2:
Posted Image
m0le is a proud member of UNITE

#15 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:34 PM

Posted 23 April 2012 - 06:17 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users