Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Facebook asking for credit card


  • Please log in to reply
10 replies to this topic

#1 dcewing

dcewing

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:30 PM

Posted 26 June 2012 - 03:59 PM

When my daughter tries to log onto Facebook, a popup window asked for her mobile phone number. When she skipped it, a second popup window asked for her credit card number. There is no way to exit the popup window without filling in the info. We have not entered the requested information. I do not believe that this is actually Facebook asking for this info.

I have run Malwarebytes AntiMalware which found several things and said it removed them. I also ran Spy-bot Search and Destroy which claims to have found and removed another thing. After these actions, we still have the same problem. I can provide the logs if that will help.

We are using Windows XP and internet explorer.

Please advise the next step. Thank you so much for being available and helping!

Carol

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:30 PM

Posted 26 June 2012 - 04:25 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner


Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 dcewing

dcewing
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:30 PM

Posted 26 June 2012 - 07:25 PM

tdsskiller log

17:15:27.0222 3012 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
17:15:27.0831 3012 ============================================================
17:15:27.0831 3012 Current date / time: 2012/06/26 17:15:27.0831
17:15:27.0831 3012 SystemInfo:
17:15:27.0831 3012
17:15:27.0831 3012 OS Version: 5.1.2600 ServicePack: 3.0
17:15:27.0831 3012 Product type: Workstation
17:15:27.0831 3012 ComputerName: HOME-W3O9G5F1PY
17:15:27.0831 3012 UserName: Carol
17:15:27.0831 3012 Windows directory: C:\WINDOWS
17:15:27.0831 3012 System windows directory: C:\WINDOWS
17:15:27.0831 3012 Processor architecture: Intel x86
17:15:27.0831 3012 Number of processors: 2
17:15:27.0831 3012 Page size: 0x1000
17:15:27.0831 3012 Boot type: Normal boot
17:15:27.0831 3012 ============================================================
17:15:28.0956 3012 Drive \Device\Harddisk0\DR0 - Size: 0x2658AE0000 (153.39 Gb), SectorSize: 0x200, Cylinders: 0x4E37, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:15:28.0956 3012 ============================================================
17:15:28.0956 3012 \Device\Harddisk0\DR0:
17:15:28.0956 3012 MBR partitions:
17:15:28.0956 3012 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x132C0A77
17:15:28.0956 3012 ============================================================
17:15:28.0988 3012 C: <-> \Device\Harddisk0\DR0\Partition0
17:15:29.0003 3012 ============================================================
17:15:29.0003 3012 Initialize success
17:15:29.0003 3012 ============================================================
17:15:52.0159 3472 ============================================================
17:15:52.0159 3472 Scan started
17:15:52.0159 3472 Mode: Manual; TDLFS;
17:15:52.0159 3472 ============================================================
17:15:52.0863 3472 61883 (86d7b1e70661d754685b9ac6d749aae5) C:\WINDOWS\system32\DRIVERS\61883.sys
17:15:52.0863 3472 61883 - ok
17:15:52.0878 3472 Abiosdsk - ok
17:15:52.0878 3472 abp480n5 - ok
17:15:53.0003 3472 ACDaemon (769db4f484957cc98153b3c1b5d1162f) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:15:53.0003 3472 ACDaemon - ok
17:15:53.0019 3472 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:15:53.0034 3472 ACPI - ok
17:15:53.0066 3472 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:15:53.0066 3472 ACPIEC - ok
17:15:53.0144 3472 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:15:53.0159 3472 AdobeFlashPlayerUpdateSvc - ok
17:15:53.0159 3472 adpu160m - ok
17:15:53.0191 3472 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
17:15:53.0206 3472 aec - ok
17:15:53.0222 3472 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
17:15:53.0222 3472 AFD - ok
17:15:53.0222 3472 Aha154x - ok
17:15:53.0238 3472 aic78u2 - ok
17:15:53.0238 3472 aic78xx - ok
17:15:53.0331 3472 ALCXWDM (35045a23957a71ba649740741e69408c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
17:15:53.0378 3472 ALCXWDM - ok
17:15:53.0425 3472 Alerter (c7ae0fd3867db0d42b03b73c18f3d671) C:\WINDOWS\system32\alrsvc.dll
17:15:53.0425 3472 Alerter - ok
17:15:53.0456 3472 ALG (f1958fbf86d5c004cf19a5951a9514b7) C:\WINDOWS\System32\alg.exe
17:15:53.0456 3472 ALG - ok
17:15:53.0472 3472 AliIde - ok
17:15:53.0503 3472 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:15:53.0519 3472 AmdK8 - ok
17:15:53.0519 3472 amsint - ok
17:15:53.0628 3472 Apache2.2 (375640f39f2d613b6fdcf8c2f956205a) C:\xampp\apache\bin\httpd.exe
17:15:53.0628 3472 Apache2.2 - ok
17:15:53.0738 3472 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:15:53.0738 3472 Apple Mobile Device - ok
17:15:53.0738 3472 AppMgmt - ok
17:15:53.0769 3472 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:15:53.0769 3472 Arp1394 - ok
17:15:53.0769 3472 asc - ok
17:15:53.0784 3472 asc3350p - ok
17:15:53.0784 3472 asc3550 - ok
17:15:53.0800 3472 ASPI32 - ok
17:15:53.0909 3472 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:15:53.0956 3472 aspnet_state - ok
17:15:53.0972 3472 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:15:53.0972 3472 AsyncMac - ok
17:15:53.0988 3472 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:15:53.0988 3472 atapi - ok
17:15:54.0003 3472 Atdisk - ok
17:15:54.0019 3472 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:15:54.0019 3472 Atmarpc - ok
17:15:54.0034 3472 AudioSrv (db66db626e4882ebef55f136f12c1829) C:\WINDOWS\System32\audiosrv.dll
17:15:54.0050 3472 AudioSrv - ok
17:15:54.0081 3472 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:15:54.0081 3472 audstub - ok
17:15:54.0113 3472 Avc (87c223adb8f7596b31caae3c67b16ddd) C:\WINDOWS\system32\DRIVERS\avc.sys
17:15:54.0113 3472 Avc - ok
17:15:54.0144 3472 AVG Anti-Spyware Driver - ok
17:15:54.0175 3472 AvgAsCln (6d4a1da6e6d522b3ebbcbff4a3589ec5) C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
17:15:54.0191 3472 AvgAsCln - ok
17:15:54.0206 3472 Beep - ok
17:15:54.0238 3472 BITS (2c69ec7e5a311334d10dd95f338fccea) C:\WINDOWS\system32\qmgr.dll
17:15:54.0284 3472 BITS - ok
17:15:54.0331 3472 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
17:15:54.0347 3472 Bonjour Service - ok
17:15:54.0394 3472 Browser (e3cfccdda4edd1d0dc9168b2e18f27b8) C:\WINDOWS\System32\browser.dll
17:15:54.0394 3472 Browser - ok
17:15:54.0425 3472 BTCFilterService (4813df77ede536a52e3737971f910baa) C:\WINDOWS\system32\DRIVERS\motfilt.sys
17:15:54.0441 3472 BTCFilterService - ok
17:15:54.0441 3472 BVRPMPR5 - ok
17:15:54.0472 3472 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:15:54.0488 3472 cbidf2k - ok
17:15:54.0488 3472 cd20xrnt - ok
17:15:54.0519 3472 CdaD10BA (841cefab8228ee691705d059e7f21c47) C:\WINDOWS\system32\drivers\CdaD10BA.SYS
17:15:54.0519 3472 CdaD10BA - ok
17:15:54.0550 3472 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:15:54.0550 3472 Cdaudio - ok
17:15:54.0581 3472 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
17:15:54.0581 3472 Cdfs - ok
17:15:54.0628 3472 cdrbsdrv (351735695e9ead93de6af85d8beb1ca8) C:\WINDOWS\system32\drivers\cdrbsdrv.sys
17:15:54.0628 3472 cdrbsdrv - ok
17:15:54.0644 3472 Cdrom (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:15:54.0644 3472 Cdrom - ok
17:15:54.0659 3472 Changer - ok
17:15:54.0691 3472 CiSvc (3192bd04d032a9c4a85a3278c268a13a) C:\WINDOWS\system32\cisvc.exe
17:15:54.0691 3472 CiSvc - ok
17:15:54.0706 3472 ClipSrv (c8dec22c4137d7a90f8bdf41ca4b82ae) C:\WINDOWS\system32\clipsrv.exe
17:15:54.0706 3472 ClipSrv - ok
17:15:54.0769 3472 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:15:54.0816 3472 clr_optimization_v2.0.50727_32 - ok
17:15:54.0894 3472 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:15:54.0972 3472 clr_optimization_v4.0.30319_32 - ok
17:15:54.0972 3472 CmdIde - ok
17:15:54.0988 3472 COMSysApp - ok
17:15:55.0003 3472 Cpqarray - ok
17:15:55.0019 3472 CryptSvc (10654f9ddcea9c46cfb77554231be73b) C:\WINDOWS\System32\cryptsvc.dll
17:15:55.0019 3472 CryptSvc - ok
17:15:55.0066 3472 ctac32k (fb06bb39860340c6fa84867f0288d1dd) C:\WINDOWS\system32\drivers\ctac32k.sys
17:15:55.0081 3472 ctac32k - ok
17:15:55.0113 3472 ctaud2k (b810fa12cf726b200e057834eaebb1ac) C:\WINDOWS\system32\drivers\ctaud2k.sys
17:15:55.0113 3472 ctaud2k - ok
17:15:55.0144 3472 ctdvda2k (c4333325d325efa668888d0d3177c6ff) C:\WINDOWS\system32\drivers\ctdvda2k.sys
17:15:55.0159 3472 ctdvda2k - ok
17:15:55.0175 3472 ctprxy2k (1fa95c8cf34b9911e352a07ea7a200fc) C:\WINDOWS\system32\drivers\ctprxy2k.sys
17:15:55.0175 3472 ctprxy2k - ok
17:15:55.0206 3472 ctsfm2k (400cb754b91f73bee2655686a57269d2) C:\WINDOWS\system32\drivers\ctsfm2k.sys
17:15:55.0206 3472 ctsfm2k - ok
17:15:55.0206 3472 dac2w2k - ok
17:15:55.0222 3472 dac960nt - ok
17:15:55.0269 3472 DcomLaunch (ce94a2bd25e3e9f4d46a7373ff455c6d) C:\WINDOWS\system32\rpcss.dll
17:15:55.0269 3472 DcomLaunch - ok
17:15:55.0300 3472 Dhcp (ef545e1a4b043da4c84e230dd471c55f) C:\WINDOWS\System32\dhcpcsvc.dll
17:15:55.0300 3472 Dhcp - ok
17:15:55.0331 3472 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
17:15:55.0331 3472 Disk - ok
17:15:55.0331 3472 dmadmin - ok
17:15:55.0363 3472 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
17:15:55.0378 3472 dmboot - ok
17:15:55.0394 3472 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
17:15:55.0409 3472 dmio - ok
17:15:55.0425 3472 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:15:55.0425 3472 dmload - ok
17:15:55.0456 3472 dmserver (1639d9964c9e1b2ecca95c8217d3e70d) C:\WINDOWS\System32\dmserver.dll
17:15:55.0456 3472 dmserver - ok
17:15:55.0488 3472 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
17:15:55.0488 3472 DMusic - ok
17:15:55.0503 3472 Dnscache (aac8ffbfd61e784fa3bac851d4a0bd5f) C:\WINDOWS\System32\dnsrslvr.dll
17:15:55.0503 3472 Dnscache - ok
17:15:55.0503 3472 dpti2o - ok
17:15:55.0534 3472 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
17:15:55.0534 3472 drmkaud - ok
17:15:55.0534 3472 easytether - ok
17:15:55.0581 3472 emupia (7bb488ec082d40645936d9e583f560dc) C:\WINDOWS\system32\drivers\emupia2k.sys
17:15:55.0581 3472 emupia - ok
17:15:55.0613 3472 ERSvc (67dff7bbbd0e80aab7b3cf061448db8a) C:\WINDOWS\System32\ersvc.dll
17:15:55.0613 3472 ERSvc - ok
17:15:55.0644 3472 Eventlog (c6ce6eec82f187615d1002bb3bb50ed4) C:\WINDOWS\system32\services.exe
17:15:55.0644 3472 Eventlog - ok
17:15:55.0659 3472 EventSystem (60d1a6342238378bfb7545c81ee3606c) C:\WINDOWS\System32\es.dll
17:15:55.0659 3472 EventSystem - ok
17:15:55.0691 3472 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
17:15:55.0691 3472 Fastfat - ok
17:15:55.0722 3472 FastUserSwitchingCompatibility (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
17:15:55.0722 3472 FastUserSwitchingCompatibility - ok
17:15:55.0738 3472 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:15:55.0753 3472 Fdc - ok
17:15:55.0894 3472 FileZilla Server (cfc890ff6797c6c4e4c4b9ad2258af73) c:\xampp\FileZillaFTP\FileZillaServer.exe
17:15:55.0909 3472 FileZilla Server - ok
17:15:55.0925 3472 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
17:15:55.0925 3472 Fips - ok
17:15:55.0956 3472 fixustor (cdb568db5e8985dcc623da808ac61042) C:\WINDOWS\system32\drivers\fixustor.sys
17:15:55.0956 3472 fixustor - ok
17:15:55.0988 3472 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:15:55.0988 3472 Flpydisk - ok
17:15:56.0019 3472 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\drivers\fltmgr.sys
17:15:56.0019 3472 FltMgr - ok
17:15:56.0097 3472 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:15:56.0113 3472 FontCache3.0.0.0 - ok
17:15:56.0128 3472 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:15:56.0128 3472 Fs_Rec - ok
17:15:56.0144 3472 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:15:56.0144 3472 Ftdisk - ok
17:15:56.0159 3472 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:15:56.0159 3472 gameenum - ok
17:15:56.0191 3472 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:15:56.0191 3472 GEARAspiWDM - ok
17:15:56.0222 3472 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:15:56.0222 3472 Gpc - ok
17:15:56.0331 3472 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
17:15:56.0331 3472 gupdate - ok
17:15:56.0331 3472 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
17:15:56.0331 3472 gupdatem - ok
17:15:56.0378 3472 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:15:56.0378 3472 gusvc - ok
17:15:56.0425 3472 ha10kx2k (9bb84b1dff8bce7fdddea746f6819fcf) C:\WINDOWS\system32\drivers\ha10kx2k.sys
17:15:56.0441 3472 ha10kx2k - ok
17:15:56.0472 3472 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
17:15:56.0472 3472 hamachi - ok
17:15:56.0597 3472 Hamachi2Svc (fa89c0429821c7c429eec7a0ce1c02d3) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
17:15:56.0613 3472 Hamachi2Svc - ok
17:15:56.0675 3472 hap16v2k (1418833169b29780fbdab127623b8767) C:\WINDOWS\system32\drivers\hap16v2k.sys
17:15:56.0675 3472 hap16v2k - ok
17:15:56.0706 3472 hap17v2k (8b3148391dc121d96d513785d588e75b) C:\WINDOWS\system32\drivers\hap17v2k.sys
17:15:56.0706 3472 hap17v2k - ok
17:15:56.0753 3472 helpsvc (8827911a8c37e40c027cbfc88e69d967) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:15:56.0753 3472 helpsvc - ok
17:15:56.0769 3472 HidServ (9376e6893e52b368abc6255bf54f0b28) C:\WINDOWS\System32\hidserv.dll
17:15:56.0784 3472 HidServ - ok
17:15:56.0800 3472 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:15:56.0800 3472 HidUsb - ok
17:15:56.0800 3472 hpn - ok
17:15:56.0941 3472 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
17:15:56.0972 3472 hpqcxs08 - ok
17:15:57.0003 3472 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
17:15:57.0003 3472 hpqddsvc - ok
17:15:57.0034 3472 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:15:57.0034 3472 HPZid412 - ok
17:15:57.0066 3472 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:15:57.0066 3472 HPZipr12 - ok
17:15:57.0097 3472 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:15:57.0097 3472 HPZius12 - ok
17:15:57.0144 3472 HTTP (cb77bb47e67e84deb17ba29632501730) C:\WINDOWS\system32\Drivers\HTTP.sys
17:15:57.0144 3472 HTTP - ok
17:15:57.0175 3472 HTTPFilter (064d8581adf77c25133e7d751d917d83) C:\WINDOWS\System32\w3ssl.dll
17:15:57.0175 3472 HTTPFilter - ok
17:15:57.0175 3472 i2omgmt - ok
17:15:57.0191 3472 i2omp - ok
17:15:57.0222 3472 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:15:57.0222 3472 i8042prt - ok
17:15:57.0300 3472 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:15:57.0300 3472 IDriverT - ok
17:15:57.0409 3472 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:15:57.0425 3472 idsvc - ok
17:15:57.0456 3472 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:15:57.0456 3472 Imapi - ok
17:15:57.0519 3472 ImapiService (fa788520bcac0f5d9d5cde5615c0d931) C:\WINDOWS\system32\imapi.exe
17:15:57.0519 3472 ImapiService - ok
17:15:57.0534 3472 ini910u - ok
17:15:57.0550 3472 IntelIde - ok
17:15:57.0566 3472 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
17:15:57.0566 3472 ip6fw - ok
17:15:57.0581 3472 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:15:57.0581 3472 IpFilterDriver - ok
17:15:57.0597 3472 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:15:57.0597 3472 IpInIp - ok
17:15:57.0628 3472 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:15:57.0628 3472 IpNat - ok
17:15:57.0722 3472 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
17:15:57.0738 3472 iPod Service - ok
17:15:57.0769 3472 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:15:57.0769 3472 IPSec - ok
17:15:57.0784 3472 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:15:57.0784 3472 IRENUM - ok
17:15:57.0800 3472 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:15:57.0800 3472 isapnp - ok
17:15:57.0925 3472 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
17:15:57.0925 3472 JavaQuickStarterService - ok
17:15:57.0956 3472 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:15:57.0956 3472 Kbdclass - ok
17:15:57.0972 3472 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:15:57.0972 3472 kbdhid - ok
17:15:57.0988 3472 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
17:15:58.0003 3472 kmixer - ok
17:15:58.0003 3472 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
17:15:58.0003 3472 KSecDD - ok
17:15:58.0034 3472 L8042Kbd (58759156a6918913edd368f995be3e53) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
17:15:58.0034 3472 L8042Kbd - ok
17:15:58.0066 3472 L8042mou (973f78482aa2f2760323900b3a501c40) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
17:15:58.0066 3472 L8042mou - ok
17:15:58.0081 3472 lanmanserver (0cb3af149a0bac0836022ca307c7a0f8) C:\WINDOWS\System32\srvsvc.dll
17:15:58.0097 3472 lanmanserver - ok
17:15:58.0097 3472 lanmanworkstation (3cd291a2c4909088b3d1e98ded73d4b2) C:\WINDOWS\System32\wkssvc.dll
17:15:58.0113 3472 lanmanworkstation - ok
17:15:58.0222 3472 Lavasoft Ad-Aware Service (ea38136981c61c571d52c380daad46ef) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
17:15:58.0253 3472 Lavasoft Ad-Aware Service - ok
17:15:58.0331 3472 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
17:15:58.0331 3472 Lavasoft Kernexplorer - ok
17:15:58.0456 3472 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
17:15:58.0472 3472 Lbd - ok
17:15:58.0472 3472 lbrtfdc - ok
17:15:58.0534 3472 LBTServ (a0f7dc0080e4f97dc97de08b699e231b) C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
17:15:58.0550 3472 LBTServ - ok
17:15:58.0597 3472 LexBceS (2a125981bb23f0a023255d39b7e1c25e) C:\WINDOWS\system32\LEXBCES.EXE
17:15:58.0597 3472 LexBceS - ok
17:15:58.0613 3472 LHidFilt (24e0ddb99aeccf86bb37702611761459) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
17:15:58.0613 3472 LHidFilt - ok
17:15:58.0659 3472 LmHosts (b3eff6d938c572e90a07b3d87a3c7657) C:\WINDOWS\System32\lmhsvc.dll
17:15:58.0659 3472 LmHosts - ok
17:15:58.0722 3472 LMIGuardianSvc - ok
17:15:58.0738 3472 LMIInfo - ok
17:15:58.0769 3472 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:15:58.0769 3472 lmimirr - ok
17:15:58.0769 3472 LMIRfsClientNP - ok
17:15:58.0800 3472 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
17:15:58.0800 3472 LMIRfsDriver - ok
17:15:58.0847 3472 LMouFilt (d58b330d318361a66a9fe60d7c9b4951) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
17:15:58.0847 3472 LMouFilt - ok
17:15:58.0863 3472 LMouKE (2a3e4db78b20b2cd2c548a48a8e6b1b7) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
17:15:58.0878 3472 LMouKE - ok
17:15:58.0878 3472 LXARScan - ok
17:15:58.0909 3472 mchInjDrv (9971aa2d16cb558358d6f6f3b5055cba) C:\WINDOWS\system32\Drivers\mchInjDrv.sys
17:15:58.0909 3472 mchInjDrv - ok
17:15:58.0909 3472 MCSTRM - ok
17:15:58.0941 3472 Messenger (95fd808e4ac22aba025a7b3eac0375d2) C:\WINDOWS\System32\msgsvc.dll
17:15:58.0956 3472 Messenger - ok
17:15:59.0034 3472 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
17:15:59.0050 3472 Microsoft Office Groove Audit Service - ok
17:15:59.0081 3472 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:15:59.0081 3472 mnmdd - ok
17:15:59.0097 3472 mnmsrvc (f6415361201915b9fe3896b0e4e724ff) C:\WINDOWS\System32\mnmsrvc.exe
17:15:59.0113 3472 mnmsrvc - ok
17:15:59.0128 3472 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
17:15:59.0128 3472 Modem - ok
17:15:59.0159 3472 motccgp (f4ea1193a52c8fe4b8a135e210abe546) C:\WINDOWS\system32\DRIVERS\motccgp.sys
17:15:59.0159 3472 motccgp - ok
17:15:59.0175 3472 motccgpfl (b812da6605caf02641312f1f65c75419) C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
17:15:59.0175 3472 motccgpfl - ok
17:15:59.0191 3472 motmodem (69814acd50a9d6d28296050ef6215d46) C:\WINDOWS\system32\DRIVERS\motmodem.sys
17:15:59.0191 3472 motmodem - ok
17:15:59.0253 3472 MotoHelper (3bbc6c2402242401f791548aaebf3d39) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
17:15:59.0253 3472 MotoHelper - ok
17:15:59.0269 3472 MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\WINDOWS\system32\DRIVERS\motswch.sys
17:15:59.0269 3472 MotoSwitchService - ok
17:15:59.0284 3472 Motousbnet (ddc489d40b49f443787e7ffa75373522) C:\WINDOWS\system32\DRIVERS\Motousbnet.sys
17:15:59.0284 3472 Motousbnet - ok
17:15:59.0300 3472 motusbdevice (2136cca3d1bf7c0248e5366b1a6c24e3) C:\WINDOWS\system32\DRIVERS\motusbdevice.sys
17:15:59.0300 3472 motusbdevice - ok
17:15:59.0331 3472 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:15:59.0331 3472 Mouclass - ok
17:15:59.0347 3472 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:15:59.0347 3472 mouhid - ok
17:15:59.0378 3472 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
17:15:59.0378 3472 MountMgr - ok
17:15:59.0394 3472 mraid35x - ok
17:15:59.0425 3472 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:15:59.0425 3472 MRxDAV - ok
17:15:59.0456 3472 MRxSmb (6f2d483b97b395544e59749c47963c6a) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:15:59.0456 3472 MRxSmb - ok
17:15:59.0519 3472 MSCamSvc (d98350792a7ce82e7459a7c36481beda) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
17:15:59.0519 3472 MSCamSvc - ok
17:15:59.0550 3472 MSDTC (c7c3d89eb0a6f3dba622ea737fa335b1) C:\WINDOWS\System32\msdtc.exe
17:15:59.0550 3472 MSDTC - ok
17:15:59.0581 3472 MSDV (6dd721dfd2648f3f6d5808b5ba6cb095) C:\WINDOWS\system32\DRIVERS\msdv.sys
17:15:59.0581 3472 MSDV - ok
17:15:59.0581 3472 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
17:15:59.0581 3472 Msfs - ok
17:15:59.0613 3472 MSHUSBVideo (5119ffc2a6b51089cdb0efdc75808c97) C:\WINDOWS\system32\Drivers\nx6000.sys
17:15:59.0613 3472 MSHUSBVideo - ok
17:15:59.0613 3472 MSIServer - ok
17:15:59.0628 3472 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:15:59.0628 3472 MSKSSRV - ok
17:15:59.0644 3472 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:15:59.0644 3472 MSPCLOCK - ok
17:15:59.0659 3472 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
17:15:59.0659 3472 MSPQM - ok
17:15:59.0691 3472 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:15:59.0691 3472 mssmbios - ok
17:15:59.0706 3472 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
17:15:59.0706 3472 MSTEE - ok
17:15:59.0753 3472 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
17:15:59.0753 3472 ms_mpu401 - ok
17:15:59.0769 3472 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
17:15:59.0769 3472 MTsensor - ok
17:15:59.0800 3472 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
17:15:59.0800 3472 Mup - ok
17:15:59.0878 3472 mysql - ok
17:15:59.0925 3472 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:15:59.0925 3472 NABTSFEC - ok
17:15:59.0956 3472 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
17:15:59.0956 3472 NDIS - ok
17:15:59.0972 3472 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:15:59.0988 3472 NdisIP - ok
17:16:00.0003 3472 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:16:00.0003 3472 NdisTapi - ok
17:16:00.0003 3472 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:16:00.0003 3472 Ndisuio - ok
17:16:00.0019 3472 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:16:00.0034 3472 NdisWan - ok
17:16:00.0050 3472 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
17:16:00.0050 3472 NDProxy - ok
17:16:00.0081 3472 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll
17:16:00.0081 3472 Net Driver HPZ12 - ok
17:16:00.0097 3472 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:16:00.0097 3472 NetBIOS - ok
17:16:00.0128 3472 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:16:00.0144 3472 NetBT - ok
17:16:00.0175 3472 NetDDE (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
17:16:00.0175 3472 NetDDE - ok
17:16:00.0175 3472 NetDDEdsdm (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
17:16:00.0191 3472 NetDDEdsdm - ok
17:16:00.0206 3472 Netlogon (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
17:16:00.0206 3472 Netlogon - ok
17:16:00.0222 3472 Netman (36739b39267914ba69ad0610a0299732) C:\WINDOWS\System32\netman.dll
17:16:00.0238 3472 Netman - ok
17:16:00.0347 3472 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:16:00.0378 3472 NetTcpPortSharing - ok
17:16:00.0409 3472 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:16:00.0409 3472 NIC1394 - ok
17:16:00.0441 3472 Nla (097722f235a1fb698bf9234e01b52637) C:\WINDOWS\System32\mswsock.dll
17:16:00.0441 3472 Nla - ok
17:16:00.0456 3472 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
17:16:00.0456 3472 Npfs - ok
17:16:00.0503 3472 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
17:16:00.0519 3472 Ntfs - ok
17:16:00.0534 3472 NtLmSsp (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\System32\lsass.exe
17:16:00.0534 3472 NtLmSsp - ok
17:16:00.0566 3472 NtmsSvc (b62f29c00ac55a761b2e45877d85ea0f) C:\WINDOWS\system32\ntmssvc.dll
17:16:00.0581 3472 NtmsSvc - ok
17:16:00.0597 3472 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:16:00.0613 3472 Null - ok
17:16:00.0878 3472 nv (cb0ce8de9f66a297cd86eb98921b8e58) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:16:01.0144 3472 nv - ok
17:16:01.0222 3472 nvata (dce353985c988bfb7e84fd942068151f) C:\WINDOWS\system32\DRIVERS\nvata.sys
17:16:01.0222 3472 nvata - ok
17:16:01.0253 3472 NVENETFD (720cc533eecb65553bd86b139ca04433) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
17:16:01.0269 3472 NVENETFD - ok
17:16:01.0316 3472 nvnetbus (5f9f545cc5904dd8765f84ee1d056406) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
17:16:01.0316 3472 nvnetbus - ok
17:16:01.0347 3472 nvsvc (1f31a588cc83a7b76715f9549515c161) C:\WINDOWS\system32\nvsvc32.exe
17:16:01.0347 3472 nvsvc - ok
17:16:01.0378 3472 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:16:01.0394 3472 NwlnkFlt - ok
17:16:01.0409 3472 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:16:01.0409 3472 NwlnkFwd - ok
17:16:01.0534 3472 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:16:01.0550 3472 odserv - ok
17:16:01.0566 3472 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:16:01.0566 3472 ohci1394 - ok
17:16:01.0644 3472 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:16:01.0644 3472 ose - ok
17:16:01.0659 3472 ossrv (01e1ab8249f9dde5978c6b4af18eda7c) C:\WINDOWS\system32\drivers\ctoss2k.sys
17:16:01.0675 3472 ossrv - ok
17:16:01.0691 3472 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
17:16:01.0691 3472 Parport - ok
17:16:01.0706 3472 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
17:16:01.0706 3472 PartMgr - ok
17:16:01.0738 3472 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:16:01.0738 3472 ParVdm - ok
17:16:01.0753 3472 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
17:16:01.0769 3472 PCI - ok
17:16:01.0769 3472 PCIDump - ok
17:16:01.0800 3472 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:16:01.0800 3472 PCIIde - ok
17:16:01.0831 3472 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:16:01.0831 3472 Pcmcia - ok
17:16:01.0847 3472 PCTCore (807ff1dd6e1bdf8e7d2062fca0daecaf) C:\WINDOWS\system32\drivers\PCTCore.sys
17:16:01.0863 3472 PCTCore - ok
17:16:01.0878 3472 pctgntdi (d15669bd3e1cf18f00b46a7949ea541f) C:\WINDOWS\system32\drivers\pctgntdi.sys
17:16:01.0894 3472 pctgntdi - ok
17:16:01.0972 3472 PCToolsSSDMonitorSvc (8ab77eea3f00c94462cffd0e1d0938f9) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
17:16:01.0988 3472 PCToolsSSDMonitorSvc - ok
17:16:02.0003 3472 pctplsg (30c931fcb8df713bcd2fb7ce763a0b47) C:\WINDOWS\system32\drivers\pctplsg.sys
17:16:02.0003 3472 pctplsg - ok
17:16:02.0003 3472 PDCOMP - ok
17:16:02.0019 3472 PDFRAME - ok
17:16:02.0019 3472 PDRELI - ok
17:16:02.0034 3472 PDRFRAME - ok
17:16:02.0034 3472 perc2 - ok
17:16:02.0050 3472 perc2hib - ok
17:16:02.0081 3472 PlugPlay (c6ce6eec82f187615d1002bb3bb50ed4) C:\WINDOWS\system32\services.exe
17:16:02.0097 3472 PlugPlay - ok
17:16:02.0113 3472 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
17:16:02.0113 3472 Pml Driver HPZ12 - ok
17:16:02.0144 3472 PnkBstrA (19e83b09ab8ee1d837665da941e2ac44) C:\WINDOWS\system32\PnkBstrA.exe
17:16:02.0159 3472 PnkBstrA - ok
17:16:02.0175 3472 PolicyAgent (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
17:16:02.0175 3472 PolicyAgent - ok
17:16:02.0191 3472 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:16:02.0191 3472 PptpMiniport - ok
17:16:02.0206 3472 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
17:16:02.0222 3472 Processor - ok
17:16:02.0222 3472 ProtectedStorage (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
17:16:02.0222 3472 ProtectedStorage - ok
17:16:02.0238 3472 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
17:16:02.0238 3472 PSched - ok
17:16:02.0253 3472 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:16:02.0253 3472 Ptilink - ok
17:16:02.0269 3472 ql1080 - ok
17:16:02.0269 3472 Ql10wnt - ok
17:16:02.0269 3472 ql12160 - ok
17:16:02.0284 3472 ql1240 - ok
17:16:02.0284 3472 ql1280 - ok
17:16:02.0300 3472 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:16:02.0300 3472 RasAcd - ok
17:16:02.0347 3472 RasAuto (44db7a9bdd2fb58747d123fbf1d35adb) C:\WINDOWS\System32\rasauto.dll
17:16:02.0347 3472 RasAuto - ok
17:16:02.0363 3472 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:16:02.0363 3472 Rasl2tp - ok
17:16:02.0425 3472 RasMan (49b5eed5fb89d39456a2f616ccd8ba5d) C:\WINDOWS\System32\rasmans.dll
17:16:02.0425 3472 RasMan - ok
17:16:02.0441 3472 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:16:02.0441 3472 RasPppoe - ok
17:16:02.0441 3472 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:16:02.0456 3472 Raspti - ok
17:16:02.0472 3472 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:16:02.0472 3472 Rdbss - ok
17:16:02.0519 3472 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:16:02.0519 3472 RDPCDD - ok
17:16:02.0566 3472 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
17:16:02.0566 3472 RDPWD - ok
17:16:02.0581 3472 RDSessMgr (729798e0933076b8fcfcd9934698f164) C:\WINDOWS\system32\sessmgr.exe
17:16:02.0581 3472 RDSessMgr - ok
17:16:02.0597 3472 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:16:02.0597 3472 redbook - ok
17:16:02.0644 3472 RemoteAccess (3046db917e3cfa040632799dd9b14865) C:\WINDOWS\System32\mprdim.dll
17:16:02.0644 3472 RemoteAccess - ok
17:16:02.0659 3472 RpcLocator (793f04a09b15e7c6c11dbdffaf06c0ab) C:\WINDOWS\System32\locator.exe
17:16:02.0659 3472 RpcLocator - ok
17:16:02.0706 3472 RpcSs (ce94a2bd25e3e9f4d46a7373ff455c6d) C:\WINDOWS\System32\rpcss.dll
17:16:02.0706 3472 RpcSs - ok
17:16:02.0738 3472 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
17:16:02.0753 3472 RSVP - ok
17:16:02.0769 3472 SamSs (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
17:16:02.0769 3472 SamSs - ok
17:16:02.0800 3472 SCardSvr (25d8de134df108e3dbc8d7d23b1aa58e) C:\WINDOWS\System32\SCardSvr.exe
17:16:02.0800 3472 SCardSvr - ok
17:16:02.0831 3472 Schedule (92360854316611f6cc471612213c3d92) C:\WINDOWS\system32\schedsvc.dll
17:16:02.0831 3472 Schedule - ok
17:16:02.0925 3472 sdAuxService (a1089ac7683826e6c7c9fab9723dd80f) C:\Program Files\Spyware Doctor\pctsAuxs.exe
17:16:02.0941 3472 sdAuxService - ok
17:16:02.0988 3472 sdCoreService (06f95756353653c7d505361117186713) C:\Program Files\Spyware Doctor\pctsSvc.exe
17:16:03.0003 3472 sdCoreService - ok
17:16:03.0097 3472 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:16:03.0097 3472 Secdrv - ok
17:16:03.0128 3472 seclogon (b1e0ce09895376871746f36dc5773b4f) C:\WINDOWS\System32\seclogon.dll
17:16:03.0128 3472 seclogon - ok
17:16:03.0128 3472 SENS (dfd9870cf39c791d86c4c209da9fa919) C:\WINDOWS\system32\sens.dll
17:16:03.0144 3472 SENS - ok
17:16:03.0159 3472 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:16:03.0159 3472 serenum - ok
17:16:03.0191 3472 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
17:16:03.0191 3472 Serial - ok
17:16:03.0222 3472 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:16:03.0238 3472 Sfloppy - ok
17:16:03.0253 3472 ShellHWDetection (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
17:16:03.0253 3472 ShellHWDetection - ok
17:16:03.0253 3472 Si3114r5 - ok
17:16:03.0269 3472 SiFilter - ok
17:16:03.0269 3472 Simbad - ok
17:16:03.0706 3472 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:16:03.0988 3472 Skype C2C Service - ok
17:16:04.0050 3472 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files\Skype\Updater\Updater.exe
17:16:04.0050 3472 SkypeUpdate - ok
17:16:04.0128 3472 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:16:04.0128 3472 SLIP - ok
17:16:04.0144 3472 Sparrow - ok
17:16:04.0159 3472 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
17:16:04.0159 3472 splitter - ok
17:16:04.0191 3472 Spooler (da81ec57acd4cdc3d4c51cf3d409af9f) C:\WINDOWS\system32\spoolsv.exe
17:16:04.0191 3472 Spooler - ok
17:16:04.0206 3472 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
17:16:04.0206 3472 sr - ok
17:16:04.0222 3472 srservice (92bdf74f12d6cbec43c94d4b7f804838) C:\WINDOWS\system32\srsvc.dll
17:16:04.0238 3472 srservice - ok
17:16:04.0253 3472 Srv (ab9c79ed12d65e800aaad3d72a04792f) C:\WINDOWS\system32\DRIVERS\srv.sys
17:16:04.0253 3472 Srv - ok
17:16:04.0269 3472 SSDPSRV (4b8d61792f7175bed48859cc18ce4e38) C:\WINDOWS\System32\ssdpsrv.dll
17:16:04.0269 3472 SSDPSRV - ok
17:16:04.0300 3472 Steam Client Service - ok
17:16:04.0316 3472 stisvc (b6763f8534ac547cf1af98afdff2edc8) C:\WINDOWS\system32\wiaservc.dll
17:16:04.0331 3472 stisvc - ok
17:16:04.0347 3472 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:16:04.0347 3472 streamip - ok
17:16:04.0378 3472 SWDUMon (7168ea26833301750562bfd0a16a66d3) C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
17:16:04.0378 3472 SWDUMon - ok
17:16:04.0425 3472 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:16:04.0425 3472 swenum - ok
17:16:04.0441 3472 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
17:16:04.0441 3472 swmidi - ok
17:16:04.0441 3472 SwPrv - ok
17:16:04.0456 3472 symc810 - ok
17:16:04.0472 3472 symc8xx - ok
17:16:04.0472 3472 sym_hi - ok
17:16:04.0472 3472 sym_u3 - ok
17:16:04.0488 3472 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
17:16:04.0503 3472 sysaudio - ok
17:16:04.0519 3472 SysmonLog (8b54aa346d1b1b113ffaa75501b8b1b2) C:\WINDOWS\system32\smlogsvc.exe
17:16:04.0534 3472 SysmonLog - ok
17:16:04.0566 3472 TapiSrv (fb78839b36025aa286a51289ed28b73e) C:\WINDOWS\System32\tapisrv.dll
17:16:04.0566 3472 TapiSrv - ok
17:16:04.0597 3472 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:16:04.0597 3472 Tcpip - ok
17:16:04.0613 3472 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:16:04.0613 3472 TDPIPE - ok
17:16:04.0628 3472 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
17:16:04.0628 3472 TDTCP - ok
17:16:04.0659 3472 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:16:04.0659 3472 TermDD - ok
17:16:04.0675 3472 TermService (b60c877d16d9c880b952fda04adf16e6) C:\WINDOWS\System32\termsrv.dll
17:16:04.0691 3472 TermService - ok
17:16:04.0722 3472 TfFsMon (d2a1cd31200a6c9d3dfad022503e4836) C:\WINDOWS\system32\drivers\TfFsMon.sys
17:16:04.0722 3472 TfFsMon - ok
17:16:04.0722 3472 TfKbMon - ok
17:16:04.0753 3472 TfNetMon (3e3a544d10b0ac1c4c133048f84390ac) C:\WINDOWS\system32\drivers\TfNetMon.sys
17:16:04.0769 3472 TfNetMon - ok
17:16:04.0784 3472 TfSysMon (706be7328a35c39dbe449e10c1ac6a38) C:\WINDOWS\system32\drivers\TfSysMon.sys
17:16:04.0784 3472 TfSysMon - ok
17:16:04.0816 3472 Themes (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
17:16:04.0816 3472 Themes - ok
17:16:04.0909 3472 ThreatFire - ok
17:16:04.0925 3472 TosIde - ok
17:16:04.0941 3472 TrkWks (6d9ac544b30f96c57f8206566c1fb6a1) C:\WINDOWS\system32\trkwks.dll
17:16:04.0941 3472 TrkWks - ok
17:16:04.0972 3472 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
17:16:04.0972 3472 Udfs - ok
17:16:04.0972 3472 ultra - ok
17:16:05.0003 3472 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
17:16:05.0003 3472 Update - ok
17:16:05.0066 3472 Updater Service for StartNow Toolbar (7ccf424450af71461ca5aca14fb45b72) C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
17:16:05.0066 3472 Updater Service for StartNow Toolbar - ok
17:16:05.0097 3472 upnphost (aca5d98663d879c6baafcea7e2f1b710) C:\WINDOWS\System32\upnphost.dll
17:16:05.0097 3472 upnphost - ok
17:16:05.0128 3472 UPS (3f5df65b0758675f95a2d43918a740a3) C:\WINDOWS\System32\ups.exe
17:16:05.0128 3472 UPS - ok
17:16:05.0159 3472 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:16:05.0159 3472 USBAAPL - ok
17:16:05.0191 3472 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
17:16:05.0191 3472 usbaudio - ok
17:16:05.0222 3472 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:16:05.0222 3472 usbccgp - ok
17:16:05.0222 3472 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:16:05.0222 3472 usbehci - ok
17:16:05.0253 3472 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:16:05.0253 3472 usbhub - ok
17:16:05.0269 3472 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:16:05.0269 3472 usbohci - ok
17:16:05.0284 3472 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:16:05.0284 3472 usbprint - ok
17:16:05.0300 3472 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:16:05.0300 3472 usbscan - ok
17:16:05.0316 3472 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:16:05.0316 3472 USBSTOR - ok
17:16:05.0331 3472 usbvideo (8968ff3973a883c49e8b564200f565b9) C:\WINDOWS\system32\Drivers\usbvideo.sys
17:16:05.0331 3472 usbvideo - ok
17:16:05.0347 3472 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
17:16:05.0347 3472 VgaSave - ok
17:16:05.0363 3472 ViaIde - ok
17:16:05.0378 3472 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
17:16:05.0394 3472 VolSnap - ok
17:16:05.0425 3472 VSS (3ee00364ae0fd8d604f46cbaf512838a) C:\WINDOWS\System32\vssvc.exe
17:16:05.0425 3472 VSS - ok
17:16:05.0456 3472 W32Time (2b281958f5d0cf99ed626e3ef39d5c8d) C:\WINDOWS\system32\w32time.dll
17:16:05.0472 3472 W32Time - ok
17:16:05.0503 3472 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:16:05.0503 3472 Wanarp - ok
17:16:05.0534 3472 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
17:16:05.0534 3472 wceusbsh - ok
17:16:05.0581 3472 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:16:05.0581 3472 Wdf01000 - ok
17:16:05.0597 3472 WDICA - ok
17:16:05.0613 3472 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
17:16:05.0613 3472 wdmaud - ok
17:16:05.0644 3472 WebClient (265f534ef76832435afbf771ec97176d) C:\WINDOWS\System32\webclnt.dll
17:16:05.0644 3472 WebClient - ok
17:16:05.0706 3472 winmgmt (f399242a80c4066fd155efa4cf96658e) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:16:05.0706 3472 winmgmt - ok
17:16:05.0753 3472 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\WinUsb.sys
17:16:05.0769 3472 WinUsb - ok
17:16:05.0878 3472 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:16:05.0909 3472 wlidsvc - ok
17:16:05.0972 3472 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:16:05.0972 3472 WmdmPmSN - ok
17:16:06.0034 3472 WmiApSrv (ba8cecc3e813e1f7c441b20393d4f86c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
17:16:06.0034 3472 WmiApSrv - ok
17:16:06.0128 3472 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
17:16:06.0144 3472 WMPNetworkSvc - ok
17:16:06.0191 3472 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:16:06.0191 3472 WpdUsb - ok
17:16:06.0331 3472 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:16:06.0347 3472 WPFFontCache_v0400 - ok
17:16:06.0409 3472 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:16:06.0409 3472 WS2IFSL - ok
17:16:06.0441 3472 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:16:06.0456 3472 WSTCODEC - ok
17:16:06.0472 3472 wuauserv (13d72740963cba12d9ff76a7f218bcd8) C:\WINDOWS\system32\wuauserv.dll
17:16:06.0472 3472 wuauserv - ok
17:16:06.0519 3472 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:16:06.0519 3472 WudfPf - ok
17:16:06.0534 3472 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:16:06.0534 3472 WudfRd - ok
17:16:06.0550 3472 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:16:06.0566 3472 WudfSvc - ok
17:16:06.0581 3472 WZCSVC (5a91e6feab9f901302fa7ff768c0120f) C:\WINDOWS\System32\wzcsvc.dll
17:16:06.0597 3472 WZCSVC - ok
17:16:06.0613 3472 xmlprov (eef46dab68229a14da3d8e73c99e2959) C:\WINDOWS\System32\xmlprov.dll
17:16:06.0613 3472 xmlprov - ok
17:16:06.0644 3472 yukonwxp (a8d429e2268792638cffc57552c5e736) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
17:16:06.0644 3472 yukonwxp - ok
17:16:06.0675 3472 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:16:07.0081 3472 \Device\Harddisk0\DR0 - ok
17:16:07.0081 3472 Boot (0x1200) (3039df2e37eb2dac6179517bdb2985c6) \Device\Harddisk0\DR0\Partition0
17:16:07.0081 3472 \Device\Harddisk0\DR0\Partition0 - ok
17:16:07.0081 3472 ============================================================
17:16:07.0081 3472 Scan finished
17:16:07.0081 3472 ============================================================
17:16:07.0097 4280 Detected object count: 0
17:16:07.0097 4280 Actual detected object count: 0
17:16:50.0784 3400 Deinitialize success

avast results

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-26 16:39:07
-----------------------------
16:39:07.019 OS Version: Windows 5.1.2600 Service Pack 3
16:39:07.019 Number of processors: 2 586 0x2B01
16:39:07.019 ComputerName: HOME-W3O9G5F1PY UserName: Carol
16:39:09.972 Initialize success
16:42:27.222 AVAST engine defs: 12062601
16:46:25.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007d
16:46:25.831 Disk 0 Vendor: HDT722516DLA380 V43OA96A Size: 157066MB BusType: 3
16:46:25.847 Disk 0 MBR read successfully
16:46:25.847 Disk 0 MBR scan
16:46:25.847 Disk 0 Windows XP default MBR code
16:46:25.847 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 157057 MB offset 63
16:46:25.847 Disk 0 scanning sectors +321653430
16:46:25.941 Disk 0 scanning C:\WINDOWS\system32\drivers
16:46:38.144 Service scanning
16:47:02.206 Modules scanning
16:47:11.456 Disk 0 trace - called modules:
16:47:11.488 ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys hal.dll nvata.sys
16:47:11.488 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ab91840]
16:47:11.488 3 CLASSPNP.SYS[b810905b] -> nt!IofCallDriver -> [0x8abfb900]
16:47:11.488 5 PCTCore.sys[b7ebceae] -> nt!IofCallDriver -> \Device\0000007e[0x8ac37ac0]
16:47:11.488 7 ACPI.sys[b7f5f620] -> nt!IofCallDriver -> \Device\0000007d[0x8abe3030]
16:47:12.034 AVAST engine scan C:\WINDOWS
16:47:28.972 AVAST engine scan C:\WINDOWS\system32
16:50:24.066 AVAST engine scan C:\WINDOWS\system32\drivers
16:50:43.238 AVAST engine scan C:\Documents and Settings\Carol
17:02:50.081 AVAST engine scan C:\Documents and Settings\All Users
17:11:49.097 Scan finished successfully
17:13:44.488 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Carol\Desktop\MBR.dat"
17:13:44.488 The log file has been saved successfully to "C:\Documents and Settings\Carol\Desktop\aswMBR.txt"

eset results

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondesdn1.zip Win32/Bagle.gen.zip worm
C:\Documents and Settings\Carol\Local Settings\Application Data\{1B9F91E7-BEDA-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan
C:\Documents and Settings\Carol\Local Settings\Application Data\{61BCF525-BD5F-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan
C:\Documents and Settings\Dave\Local Settings\Temporary Internet Files\Content.IE5\BFE3CCG8\speedupmypc[1].exe Win32/SpeedUpMyPC application
C:\Documents and Settings\Dave\My Documents\klitekpp210e.exe probably a variant of Win32/TrojanDownloader.VB.IRCSLWN trojan
C:\Documents and Settings\Dave\My Documents\Setup_FreeConverter.exe Win32/Toolbar.Widgi application
C:\Documents and Settings\Kids\Application Data\anvdi.dll a variant of Win32/Medfos.AH trojan
C:\Documents and Settings\Kids\Application Data\etbds.dll a variant of Win32/Medfos.AI trojan
C:\Documents and Settings\Kids\Application Data\spati.dll a variant of Win32/Medfos.AI trojan
C:\Documents and Settings\Kids\Local Settings\Application Data\{1B9F91E7-BEDA-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan
C:\Documents and Settings\Kids\Local Settings\Application Data\{61BCF525-BD5F-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan
C:\Documents and Settings\Kids\Local Settings\temp\M.class a variant of Java/Exploit.CVE-2011-3544.BK trojan
C:\Documents and Settings\Kids\Local Settings\temp\~!#198.tmp a variant of Win32/Kryptik.AHIY trojan
C:\Documents and Settings\Kids\Local Settings\temp\~!#19B.tmp a variant of Win32/Medfos.AH trojan
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application
C:\Program Files\Uniblue\RegistryBooster\Launcher.exe a variant of Win32/RegistryBooster application
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application
C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe Win32/SpeedUpMyPC application
C:\Qoobox\Quarantine\C\WINDOWS\system32\gfhkj.bak1.vir Win32/Adware.Virtumonde.NEO application
Operating memory multiple threats

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:30 PM

Posted 26 June 2012 - 11:14 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 dcewing

dcewing
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:30 PM

Posted 27 June 2012 - 06:38 PM

I had already run MBAM before posting. I did run it again, but it found no malicious items.

Here are the results of MiniToolBox:

MiniToolBox by Farbar Version: 25-06-2012
Ran by Carol (administrator) on 27-06-2012 at 16:34:58
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: :0

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "127.0.0.1"

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller = Local Area Connection 3 (Connected)
1394 Net Adapter = 1394 Connection 2 (Connected)
Hamachi Network Interface = Hamachi (Connected)
NVIDIA nForce Networking Controller = Local Area Connection 4 (Media disconnected)
The following helper DLL cannot be loaded: NAPMONTR.DLL.
The following helper DLL cannot be loaded: DOT3CFG.DLL.


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Hamachi"

set address name="Hamachi" source=dhcp
set dns name="Hamachi" source=dhcp register=NONE
set wins name="Hamachi" source=dhcp

# Interface IP Configuration for "Local Area Connection 4"

set address name="Local Area Connection 4" source=dhcp
set dns name="Local Area Connection 4" source=dhcp register=PRIMARY
set wins name="Local Area Connection 4" source=dhcp

# Interface IP Configuration for "Local Area Connection 3"

set address name="Local Area Connection 3" source=dhcp
set dns name="Local Area Connection 3" source=dhcp register=PRIMARY
set wins name="Local Area Connection 3" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : home-w3o9g5f1py

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : westell.com



Ethernet adapter Hamachi:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Hamachi Network Interface

Physical Address. . . . . . . . . : 7A-79-05-84-07-88

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : No

IP Address. . . . . . . . . . . . : 5.132.7.136

Subnet Mask . . . . . . . . . . . : 255.0.0.0

Default Gateway . . . . . . . . . :

DHCP Server . . . . . . . . . . . : 5.0.0.1

Lease Obtained. . . . . . . . . . : Wednesday, June 27, 2012 1:47:38 PM

Lease Expires . . . . . . . . . . : Thursday, June 27, 2013 1:47:38 PM



Ethernet adapter Local Area Connection 4:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : NVIDIA nForce Networking Controller #2

Physical Address. . . . . . . . . : 00-15-F2-90-20-3D



Ethernet adapter Local Area Connection 3:



Connection-specific DNS Suffix . : westell.com

Description . . . . . . . . . . . : Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller #2

Physical Address. . . . . . . . . : 00-15-F2-90-B1-8A

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 10.0.0.20

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.0.0.1

DHCP Server . . . . . . . . . . . : 10.0.0.1

DNS Servers . . . . . . . . . . . : 10.0.0.1

Lease Obtained. . . . . . . . . . : Wednesday, June 27, 2012 1:47:44 PM

Lease Expires . . . . . . . . . . : Thursday, June 28, 2012 1:47:44 PM

Server: dslrouter.westell.com
Address: 10.0.0.1

Name: google.com
Addresses: 173.194.33.39, 173.194.33.40, 173.194.33.41, 173.194.33.46
173.194.33.32, 173.194.33.33, 173.194.33.34, 173.194.33.35, 173.194.33.36
173.194.33.37, 173.194.33.38



Pinging google.com [173.194.33.38] with 32 bytes of data:



Reply from 173.194.33.38: bytes=32 time=36ms TTL=57

Reply from 173.194.33.38: bytes=32 time=31ms TTL=57



Ping statistics for 173.194.33.38:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 31ms, Maximum = 36ms, Average = 33ms

Server: dslrouter.westell.com
Address: 10.0.0.1

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=194ms TTL=50

Reply from 98.139.183.24: bytes=32 time=131ms TTL=50



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 131ms, Maximum = 194ms, Average = 162ms

Server: dslrouter.westell.com
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...7a 79 05 84 07 88 ...... Hamachi Network Interface
0x3 ...00 15 f2 90 20 3d ...... NVIDIA nForce Networking Controller #2 - Packet Scheduler Miniport
0x4 ...00 15 f2 90 b1 8a ...... Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.20 20
5.0.0.0 255.0.0.0 5.132.7.136 5.132.7.136 20
5.132.7.136 255.255.255.255 127.0.0.1 127.0.0.1 20
5.255.255.255 255.255.255.255 5.132.7.136 5.132.7.136 20
10.0.0.0 255.255.255.0 10.0.0.20 10.0.0.20 20
10.0.0.20 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.0.0.20 10.0.0.20 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 5.132.7.136 5.132.7.136 20
224.0.0.0 240.0.0.0 5.132.7.136 5.132.7.136 20
224.0.0.0 240.0.0.0 10.0.0.20 10.0.0.20 20
255.255.255.255 255.255.255.255 5.132.7.136 5.132.7.136 1
255.255.255.255 255.255.255.255 5.132.7.136 3 1
255.255.255.255 255.255.255.255 10.0.0.20 10.0.0.20 1
Default Gateway: 10.0.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.)
Catalog9 02 C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.)
Catalog9 03 C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 09 C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/27/2012 02:13:22 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (06/27/2012 02:13:15 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/27/2012 02:13:14 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/27/2012 02:13:14 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/27/2012 01:47:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 59959110

Error: (06/27/2012 01:47:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 59959110

Error: (06/27/2012 01:47:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/26/2012 09:06:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10325906

Error: (06/26/2012 09:06:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10325906

Error: (06/26/2012 09:06:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/27/2012 01:47:35 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 10.0.0.20 on the
Network Card with network address 0015F290B18A.

Error: (06/26/2012 01:19:33 PM) (Source: DCOM) (User: HOME-W3O9G5F1PY)
Description: The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Error: (06/26/2012 00:32:51 PM) (Source: DCOM) (User: HOME-W3O9G5F1PY)
Description: The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Error: (06/26/2012 00:28:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVG Anti-Spyware Driver
Beep
Si3114r5

Error: (06/26/2012 00:28:34 PM) (Source: Service Control Manager) (User: )
Description: The MSCamSvc service hung on starting.

Error: (06/26/2012 00:28:34 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (06/26/2012 00:28:04 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (06/26/2012 00:28:04 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%2

Error: (06/26/2012 00:28:04 PM) (Source: Service Control Manager) (User: )
Description: The LMIGuardianSvc service failed to start due to the following error:
%%2

Error: (06/26/2012 00:28:04 PM) (Source: Service Control Manager) (User: )
Description: The AVG Anti-Spyware Guard service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (05/29/2012 08:37:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 288 seconds with 240 seconds of active time. This session ended with a crash.

Error: (03/31/2012 00:39:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 95 seconds with 60 seconds of active time. This session ended with a crash.

Error: (02/03/2012 07:28:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1581 seconds with 60 seconds of active time. This session ended with a crash.

Error: (01/26/2012 04:06:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 71 seconds with 60 seconds of active time. This session ended with a crash.

Error: (01/14/2012 09:13:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 176 seconds with 120 seconds of active time. This session ended with a crash.

Error: (12/23/2011 02:49:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 86 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/28/2011 01:56:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 130 seconds with 60 seconds of active time. This session ended with a crash.

Error: (11/19/2011 04:36:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1287 seconds with 240 seconds of active time. This session ended with a crash.

Error: (08/20/2011 10:04:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 96 seconds with 60 seconds of active time. This session ended with a crash.

Error: (07/18/2011 10:34:52 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 178 seconds with 120 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

µTorrent (Version: 1.8.2)
32 Bit HP CIO Components Installer (Version: 7.1.8)
7-Zip 9.20
Ad-Aware (Version: 9.6.0)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader 8.1.2 (Version: 8.1.2)
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Bejeweled 3
Bejeweled Twist 1.0 (Version: 1.0)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
Bookworm Adventures Deluxe 1.0
Bookworm Adventures Vol. 2
BufferChm (Version: 110.0.180.000)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000)
CDDRV_Installer (Version: 4.60)
Cesar Millan's Dog Whisperer™ (remove only)
Cheat Engine 6.1
Chuzzle Deluxe
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copy (Version: 110.0.180.000)
Cosmic Bugs 1.05
dcmsvc 1.0
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 110.0.180.000)
DeviceManagementQFolder (Version: 1.00.0000)
Diner Dash - Flo on the Go
Disk Manager
DJ_AIO_03_F4200_ProductContext (Version: 110.0.206.000)
DJ_AIO_03_F4200_Software (Version: 110.0.206.000)
DJ_AIO_03_F4200_Software_Min (Version: 110.0.206.000)
Dungeon Defenders
Escape Whisper Valley
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
F4200 (Version: 110.0.206.000)
F4200_Help (Version: 110.0.206.000)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Feeding Frenzy 2 1.0
FileZilla Client 3.2.6 (Version: 3.2.6)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
GPBaseService (Version: 110.0.180.000)
GPBaseService2 (Version: 130.0.371.000)
Greetings Workshop Deluxe
H&R Block Basic + Efile 2009 (Version: 09.02.6401)
H&R Block Basic + Efile 2010 (Version: 10.02.6402)
H&R Block Basic + Efile 2011 (Version: 11.02.6203)
Hammer Heads
Hoyle Card Games 2005 (Version: 1.2.0.0)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (Version: 11.0)
HP Imaging Device Functions 11.0 (Version: 11.0)
HP Photosmart Essential 2.5 (Version: 1.03.0000)
HP Photosmart Essential 3.0 (Version: 3.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 130.0.371.000)
ieSpell (Version: 2.5.1 (build 106))
Image Resizer Powertoy for Windows XP (Version: 1.00.0001)
InterActual Player
IrfanView (remove only)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
KhalSetup (Version: 3.30.165)
LIMBO
Lizard Safeguard - PDF Viewer 2.6.9
Logitech SetPoint (Version: 4.60)
Logitech Updater (Version: 1.70)
LogMeIn Hamachi (Version: 2.1.0.166)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Marvell Miniport Driver (Version: 7.21.1.3)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Corporation (Version: 9.0.30729.1)
Microsoft IntelliType Pro 6.2 (Version: 6.20.182.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C Runtime (Version: 8.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WinUsb 2.0
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MotoHelper 2.0.51 Driver 5.1.0 (Version: 2.0.51)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.1.0 (Version: 5.1.0)
Mozilla Firefox (2.0) (Version: 2.0 (en-US))
MSVCSetup (Version: 1.00.0000)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
Musicnotes Software Suite 1.7.2 (Version: 1.7.2)
Mystery P.I. - The London Caper
Nero 7 Essentials (Version: 7.02.0839)
Nikon Message Center (Version: 0.91.000)
NVIDIA Display Control Panel (Version: 6.14.11.9621)
NVIDIA Drivers (Version: 1.10)
NVIDIA nView Desktop Manager (Version: 6.14.10.00)
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
OverDrive Media Console (Version: 3.2.5)
PayPal Plug-In (Version: 2.2.26.0)
PayPal Plug-In (Version: 2.2.3.0)
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Peggle Deluxe 1.0
Peggle Nights Deluxe 1.0 (Version: 1.0)
Peggle World of Warcraft Edition
Photodex Presenter
Picasa 3 (Version: 3.8)
Plants vs. Zombies
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
PSSWCORE (Version: 2.03.0000)
Python 2.6.4 (Version: 2.6.4150)
QuickTime (Version: 7.72.80.56)
RealPlayer
Realtek AC'97 Audio (Version: 5.12)
Registry Mechanic 9.0 (Version: 9.0)
Return of Arcade Anniversary Edition
Scan (Version: 11.0.0.0)
Sibelius Scorch (ActiveX Only) (Version: 6.2.0)
Skype Click to Call (Version: 6.0.10297)
Skype™ 5.1 (Version: 5.1.112)
Skype™ 5.8 (Version: 5.8.158)
SmartWebPrinting (Version: 140.0.186.000)
Snail Mail Online
Soldier of Fortune II - Double Helix GOLD (Version: 1.02)
SolutionCenter (Version: 130.0.373.000)
Sonic CinePlayer DVD Pack (Version: 2.3.1)
Spybot - Search & Destroy (Version: 1.6.2)
Spyware Doctor 7.0 (Version: 7.0)
StartNow Toolbar (Version: 2.3.0)
Status (Version: 110.0.180.000)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
TaxCut Basic + Efile 2008 (Version: 08.03.5901)
TaxCut Basic 2006
TaxCut Premium 2007 (Version: 07.03.0000)
Terraria
The Spider-Man 2 Demo (Version: 1.00.0000)
Toolbox (Version: 110.0.180.000)
TrayApp (Version: 110.0.180.000)
TuneUp Companion 2.4.2 (Version: 2.4.2)
Uniblue DriverScanner
Uniblue PowerSuite
Uniblue RegistryBooster
Uniblue SpeedUpMyPC
Uniblue System Tweaker
Unity Web Player (Version: 2.6.1f3_31223)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB900485) (Version: 2)
Update for Windows XP (KB904942) (Version: 2)
Update for Windows XP (KB908531) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB916595) (Version: 1)
Update for Windows XP (KB920872) (Version: 1)
Update for Windows XP (KB922582) (Version: 1)
Update for Windows XP (KB927891) (Version: 3)
Update for Windows XP (KB929338) (Version: 1)
Update for Windows XP (KB930916) (Version: 1)
Update for Windows XP (KB931836) (Version: 1)
Update for Windows XP (KB932823-v3) (Version: 3)
Update for Windows XP (KB933360) (Version: 1)
Update for Windows XP (KB938828) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB960763) (Version: 1)
USB Mass Storage Toolbox
VideoToolkit01 (Version: 110.0.171.000)
Virtual Families (Version: 32.0.0.0)
Virtual Villagers 4: The Tree of Life (Version: 32.0.0.0)
Virtual Villagers: New Believers
Virtual Villagers® - The Secret City (Version: 32.0.0.0)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Warner Bros. Digital Copy Manager (Version: 1.70)
WebFldrs XP (Version: 9.50.6513)
WebReg (Version: 110.0.180.000)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) (Version: 05/27/2006 1.3.2.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB885884 (Version: 20040924.025457)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB888113 (Version: 20041116.131036)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
Windows XP Service Pack 3 (Version: 20080414.031525)
World of Warcraft (Version: 4.3.4.15595)
Writing Aids (Version: 2010.1028)
XAMPP 1.7.1
Year 2 Curriculum (Version: 2010.1018)
Year 2 Evaluations
Year 2 Interface (Version: 2010.0218)
Year 2 MapAids
Zuma's Revenge!

========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 2047.48 MB
Available physical RAM: 941.06 MB
Total Pagefile: 4963.62 MB
Available Pagefile: 3500.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.11 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:153.38 GB) (Free:1.6 GB) NTFS
4 Drive e: (AEM_ECB2_v8.1) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\HOME-W3O9G5F1PY

Administrator ASPNET Carol
Dave Guest HelpAssistant
Kids SUPPORT_388945a0


**** End of log ****

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:30 PM

Posted 27 June 2012 - 07:08 PM

Reset Internet explorer

http://support.microsoft.com/kb/923737

Now let me know if you still have issues

Edited by narenxp, 28 June 2012 - 03:38 AM.


#7 dcewing

dcewing
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:30 PM

Posted 27 June 2012 - 11:51 PM

I've done all that and yet, facebook still asks for a credit card when my daughter tries to go there. What now? When I check her facebook from my android phone, going to the desktop site, I do not get this message. So this confirms that it is not a facebook request but something else.

Help?

Carol

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:30 PM

Posted 28 June 2012 - 03:41 AM

I have edited my previous instructions.Please try that and let me know

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:30 PM

Posted 28 June 2012 - 09:40 AM

Run ESET scanner and make sure to delete all the threats

Previous log shows that you didnot remove them.

Edited by narenxp, 28 June 2012 - 09:47 AM.


#10 dcewing

dcewing
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:30 PM

Posted 28 June 2012 - 01:24 PM

I actually realized last night that I had not deleted the threats, so did run it. I checked for the problem after running it and it was still happening last night. However, this morning when I turned on the computer to check for your reply, the problem seems to be fixed. Maybe shutting it off instead of just restarting the computer helped?

So I think my problem is resolved! Thank you so much for your time.

Very thankfully,
Carol

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:30 PM

Posted 28 June 2012 - 01:27 PM

Download

TFC


Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://support.microsoft.com/kb/310405

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

Edited by narenxp, 28 June 2012 - 08:15 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users