
redirect virus help


5 replies to this topic

#1 markbrut

markbrut

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:07:07 PM

Posted 18 July 2012 - 10:45 AM

Hello, I have used this forum several times before under a different user name to great success. I just re-registered under my new e-mail address today.

I have contracted quite a few re-direct viruses over the years and have gotten fairly adept at removing them myself; however, recently I have contracted at least one VERY stubborn one that I can't get rid of. I am getting a variety of browser re-directs, mostly Get Answers Fast and Info Mash but others as well. I have tried numerous programs such as Combo Fix, Malwarebytes, Super Anti Spyware, etc., and none are picking anything up.

I would definitely appreciate a little guidance in getting rid of this problem. Thanks in advance.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:07 PM

Posted 18 July 2012 - 03:01 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:07:07 PM

Posted 19 July 2012 - 10:26 AM

Thank you for responding.

TDSSkiller

18:20:38.0828 0140 NwlnkFwd - ok
18:20:39.0109 0140 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:20:39.0109 0140 ohci1394 - ok
18:20:39.0250 0140 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
18:20:39.0250 0140 omci - ok
18:20:39.0656 0140 ossrv (c720c25b2d0c93dc425155f5b6a707f3) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
18:20:39.0671 0140 ossrv - ok
18:20:39.0796 0140 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
18:20:39.0796 0140 P3 - ok
18:20:44.0109 0140 PaceLicenseDServices (05e4e87619d25370eea0d368b58aa1f0) C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe
18:20:45.0359 0140 PaceLicenseDServices - ok
18:20:47.0796 0140 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
18:20:47.0828 0140 Parport - ok
18:20:47.0953 0140 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:20:47.0953 0140 PartMgr - ok
18:20:48.0078 0140 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
18:20:48.0093 0140 ParVdm - ok
18:20:48.0390 0140 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
18:20:48.0390 0140 PCI - ok
18:20:48.0437 0140 PCIDump - ok
18:20:48.0468 0140 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:20:48.0484 0140 PCIIde - ok
18:20:48.0843 0140 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:20:48.0937 0140 Pcmcia - ok
18:20:48.0937 0140 Pcouffin - ok
18:20:48.0953 0140 PDCOMP - ok
18:20:48.0953 0140 PDFRAME - ok
18:20:48.0968 0140 PDRELI - ok
18:20:48.0968 0140 PDRFRAME - ok
18:20:49.0125 0140 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
18:20:49.0156 0140 perc2 - ok
18:20:49.0250 0140 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
18:20:49.0265 0140 perc2hib - ok
18:20:49.0421 0140 pfc (da86016f0672ada925f589ede715f185) C:\WINDOWS\system32\drivers\pfc.sys
18:20:49.0437 0140 pfc - ok
18:20:49.0765 0140 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
18:20:49.0765 0140 PlugPlay - ok
18:20:49.0875 0140 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:20:49.0875 0140 PolicyAgent - ok
18:20:50.0078 0140 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:20:50.0093 0140 PptpMiniport - ok
18:20:50.0218 0140 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
18:20:50.0218 0140 Processor - ok
18:20:50.0234 0140 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:20:50.0234 0140 ProtectedStorage - ok
18:20:50.0390 0140 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:20:50.0421 0140 PSched - ok
18:20:50.0546 0140 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:20:50.0546 0140 Ptilink - ok
18:20:50.0750 0140 pwd_2k (ebae372d36658e2bcb6a347bb78c5144) C:\WINDOWS\system32\drivers\pwd_2k.sys
18:20:50.0765 0140 pwd_2k - ok
18:20:50.0890 0140 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
18:20:50.0906 0140 PxHelp20 - ok
18:20:51.0109 0140 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
18:20:51.0109 0140 ql1080 - ok
18:20:51.0187 0140 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
18:20:51.0203 0140 Ql10wnt - ok
18:20:51.0359 0140 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
18:20:51.0359 0140 ql12160 - ok
18:20:51.0406 0140 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
18:20:51.0406 0140 ql1240 - ok
18:20:51.0500 0140 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
18:20:51.0500 0140 ql1280 - ok
18:20:51.0578 0140 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:20:51.0578 0140 RasAcd - ok
18:20:51.0703 0140 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
18:20:51.0718 0140 RasAuto - ok
18:20:51.0859 0140 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:20:51.0890 0140 Rasl2tp - ok
18:20:52.0000 0140 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
18:20:52.0031 0140 RasMan - ok
18:20:52.0078 0140 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:20:52.0078 0140 RasPppoe - ok
18:20:52.0156 0140 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:20:52.0156 0140 Raspti - ok
18:20:52.0515 0140 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:20:52.0531 0140 Rdbss - ok
18:20:52.0609 0140 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:20:52.0609 0140 RDPCDD - ok
18:20:52.0937 0140 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:20:52.0984 0140 rdpdr - ok
18:20:53.0281 0140 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
18:20:53.0375 0140 RDPWD - ok
18:20:53.0734 0140 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
18:20:53.0843 0140 RDSessMgr - ok
18:20:54.0031 0140 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:20:54.0046 0140 redbook - ok
18:20:54.0359 0140 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
18:20:54.0375 0140 RemoteAccess - ok
18:20:54.0531 0140 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
18:20:54.0531 0140 RpcLocator - ok
18:20:55.0359 0140 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
18:20:55.0359 0140 RpcSs - ok
18:20:55.0625 0140 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
18:20:55.0734 0140 RSVP - ok
18:20:55.0937 0140 rtl8139 (d4453c6b7f627786bafc5ac5149b3a39) C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
18:20:55.0953 0140 rtl8139 - ok
18:20:56.0031 0140 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:20:56.0031 0140 SamSs - ok
18:20:56.0546 0140 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:20:56.0546 0140 SASDIFSV - ok
18:20:56.0640 0140 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
18:20:56.0671 0140 SASENUM - ok
18:20:56.0906 0140 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:20:56.0921 0140 SASKUTIL - ok
18:20:57.0078 0140 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
18:20:57.0109 0140 sbp2port - ok
18:20:57.0421 0140 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
18:20:57.0515 0140 SCardSvr - ok
18:20:57.0750 0140 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\WINDOWS\system32\drivers\SCDEmu.sys
18:20:57.0781 0140 SCDEmu - ok
18:20:58.0375 0140 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
18:20:58.0468 0140 Schedule - ok
18:20:58.0546 0140 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:20:58.0546 0140 Secdrv - ok
18:20:58.0640 0140 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
18:20:58.0656 0140 seclogon - ok
18:20:58.0765 0140 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
18:20:58.0765 0140 SENS - ok
18:20:58.0812 0140 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:20:58.0812 0140 serenum - ok
18:20:58.0968 0140 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
18:20:58.0968 0140 Serial - ok
18:20:59.0109 0140 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:20:59.0125 0140 Sfloppy - ok
18:20:59.0828 0140 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
18:20:59.0984 0140 SharedAccess - ok
18:21:00.0359 0140 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
18:21:00.0359 0140 ShellHWDetection - ok
18:21:00.0375 0140 Simbad - ok
18:21:00.0515 0140 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
18:21:00.0515 0140 sisagp - ok
18:21:00.0625 0140 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:21:00.0640 0140 SLIP - ok
18:21:01.0859 0140 smwdm (31fd0707c7dbe715234f2823b27214fe) C:\WINDOWS\system32\drivers\smwdm.sys
18:21:02.0093 0140 smwdm - ok
18:21:02.0171 0140 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
18:21:02.0171 0140 SONYPVU1 - ok
18:21:02.0343 0140 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
18:21:02.0359 0140 Sparrow - ok
18:21:02.0390 0140 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:21:02.0406 0140 splitter - ok
18:21:02.0546 0140 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
18:21:02.0578 0140 Spooler - ok
18:21:02.0765 0140 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
18:21:02.0796 0140 sr - ok
18:21:03.0000 0140 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
18:21:03.0031 0140 srservice - ok
18:21:03.0703 0140 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:21:03.0859 0140 Srv - ok
18:21:04.0000 0140 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
18:21:04.0015 0140 SSDPSRV - ok
18:21:04.0703 0140 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
18:21:04.0843 0140 stisvc - ok
18:21:04.0906 0140 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:21:04.0921 0140 streamip - ok
18:21:05.0437 0140 Subsonic (2ae06c18d28d161c1696741d2c2efff8) C:\Program Files\Subsonic\subsonic-service.exe
18:21:05.0562 0140 Subsonic - ok
18:21:05.0656 0140 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:21:05.0656 0140 swenum - ok
18:21:05.0843 0140 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:21:05.0890 0140 swmidi - ok
18:21:05.0906 0140 SwPrv - ok
18:21:06.0078 0140 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
18:21:06.0078 0140 symc810 - ok
18:21:06.0234 0140 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
18:21:06.0265 0140 symc8xx - ok
18:21:06.0390 0140 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
18:21:06.0390 0140 sym_hi - ok
18:21:06.0468 0140 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
18:21:06.0468 0140 sym_u3 - ok
18:21:06.0625 0140 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:21:06.0625 0140 sysaudio - ok
18:21:06.0812 0140 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
18:21:06.0843 0140 SysmonLog - ok
18:21:07.0265 0140 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
18:21:07.0359 0140 TapiSrv - ok
18:21:07.0843 0140 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:21:08.0000 0140 Tcpip - ok
18:21:08.0093 0140 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:21:08.0093 0140 TDPIPE - ok
18:21:08.0171 0140 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:21:08.0203 0140 TDTCP - ok
18:21:08.0328 0140 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:21:08.0328 0140 TermDD - ok
18:21:08.0890 0140 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
18:21:08.0984 0140 TermService - ok
18:21:09.0281 0140 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
18:21:09.0281 0140 Themes - ok
18:21:09.0390 0140 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
18:21:09.0390 0140 TosIde - ok
18:21:09.0609 0140 TPkd (a685ea497fb6a6f4ffee705caf185096) C:\WINDOWS\system32\drivers\TPkd.sys
18:21:09.0625 0140 TPkd - ok
18:21:09.0812 0140 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
18:21:09.0828 0140 TrkWks - ok
18:21:10.0156 0140 UdfReadr_xp (91bfde97fc50ee92158f9106e4e00b6b) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
18:21:10.0187 0140 UdfReadr_xp - ok
18:21:10.0234 0140 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:21:10.0281 0140 Udfs - ok
18:21:10.0453 0140 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
18:21:10.0484 0140 ultra - ok
18:21:11.0062 0140 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:21:11.0187 0140 Update - ok
18:21:11.0578 0140 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
18:21:11.0593 0140 upnphost - ok
18:21:11.0718 0140 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
18:21:11.0718 0140 UPS - ok
18:21:11.0796 0140 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:21:11.0796 0140 usbccgp - ok
18:21:11.0906 0140 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:21:11.0906 0140 usbehci - ok
18:21:11.0968 0140 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:21:11.0984 0140 usbhub - ok
18:21:12.0078 0140 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:21:12.0078 0140 usbscan - ok
18:21:12.0171 0140 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:21:12.0187 0140 USBSTOR - ok
18:21:12.0296 0140 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:21:12.0312 0140 usbuhci - ok
18:21:12.0500 0140 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
18:21:12.0515 0140 usbvideo - ok
18:21:12.0625 0140 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
18:21:12.0625 0140 USB_RNDIS - ok
18:21:12.0828 0140 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:21:12.0828 0140 VgaSave - ok
18:21:13.0000 0140 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
18:21:13.0000 0140 viaagp - ok
18:21:13.0109 0140 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
18:21:13.0109 0140 ViaIde - ok
18:21:13.0375 0140 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
18:21:13.0375 0140 Viewpoint Manager Service - ok
18:21:13.0515 0140 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
18:21:13.0515 0140 VolSnap - ok
18:21:14.0031 0140 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
18:21:14.0125 0140 VSS - ok
18:21:14.0406 0140 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
18:21:14.0468 0140 w32time - ok
18:21:14.0625 0140 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:21:14.0640 0140 Wanarp - ok
18:21:14.0734 0140 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
18:21:14.0750 0140 WDC_SAM - ok
18:21:15.0031 0140 WDDMService (8530b35284aa20d9c614ccb3725cef37) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
18:21:15.0031 0140 WDDMService - ok
18:21:15.0046 0140 WDICA - ok
18:21:15.0359 0140 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:21:15.0375 0140 wdmaud - ok
18:21:15.0531 0140 WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
18:21:15.0531 0140 WDSmartWareBackgroundService - ok
18:21:15.0671 0140 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
18:21:15.0671 0140 WebClient - ok
18:21:15.0781 0140 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
18:21:15.0796 0140 WinDefend - ok
18:21:16.0125 0140 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:21:16.0140 0140 winmgmt - ok
18:21:16.0234 0140 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
18:21:16.0234 0140 WmdmPmSN - ok
18:21:16.0328 0140 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
18:21:16.0328 0140 WmiApSrv - ok
18:21:17.0656 0140 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
18:21:18.0109 0140 WMPNetworkSvc - ok
18:21:19.0234 0140 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:21:19.0500 0140 WPFFontCache_v0400 - ok
18:21:20.0234 0140 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:21:20.0234 0140 WS2IFSL - ok
18:21:20.0421 0140 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
18:21:20.0421 0140 wscsvc - ok
18:21:20.0562 0140 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:21:20.0562 0140 WSTCODEC - ok
18:21:20.0671 0140 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
18:21:20.0703 0140 wuauserv - ok
18:21:20.0937 0140 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:21:20.0937 0140 WudfPf - ok
18:21:21.0093 0140 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:21:21.0109 0140 WudfRd - ok
18:21:21.0156 0140 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
18:21:21.0171 0140 WudfSvc - ok
18:21:21.0468 0140 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
18:21:21.0546 0140 WZCSVC - ok
18:21:21.0593 0140 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
18:21:21.0609 0140 xmlprov - ok
18:21:21.0796 0140 {B154377D-700F-42cc-9474-23858FBDF4BD} (556b5cfe8d21b256add7f87d7f4b4123) C:\Program Files\CyberLink\PowerDVD9\000.fcl
18:21:21.0796 0140 {B154377D-700F-42cc-9474-23858FBDF4BD} - ok
18:21:21.0859 0140 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:21:22.0781 0140 \Device\Harddisk0\DR0 - ok
18:21:22.0796 0140 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
18:21:22.0796 0140 \Device\Harddisk1\DR1 - ok
18:21:22.0812 0140 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR5
18:21:22.0812 0140 \Device\Harddisk2\DR5 - ok
18:21:23.0281 0140 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk3\DR6
18:21:23.0296 0140 \Device\Harddisk3\DR6 - ok
18:21:23.0375 0140 Boot (0x1200) (ebac4c5b3cf67022f36641859d6806f6) \Device\Harddisk0\DR0\Partition0
18:21:23.0375 0140 \Device\Harddisk0\DR0\Partition0 - ok
18:21:23.0375 0140 Boot (0x1200) (fb24e13e99885681765b882809b88ee0) \Device\Harddisk1\DR1\Partition0
18:21:23.0375 0140 \Device\Harddisk1\DR1\Partition0 - ok
18:21:23.0390 0140 Boot (0x1200) (ee3dc49bbc7bdfb67117d318e9b51aa1) \Device\Harddisk2\DR5\Partition0
18:21:23.0390 0140 \Device\Harddisk2\DR5\Partition0 - ok
18:21:23.0406 0140 Boot (0x1200) (7cd99e5ded800744b0b7e9b7e2ea82eb) \Device\Harddisk3\DR6\Partition0
18:21:23.0421 0140 \Device\Harddisk3\DR6\Partition0 - ok
18:21:23.0421 0140 ============================================================
18:21:23.0421 0140 Scan finished
18:21:23.0421 0140 ============================================================
18:21:23.0437 3852 Detected object count: 1
18:21:23.0437 3852 Actual detected object count: 1
18:21:45.0796 3852 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
18:21:45.0796 3852 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip


ASWMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-18 18:22:55
-----------------------------
18:22:55.359 OS Version: Windows 5.1.2600 Service Pack 3
18:22:55.359 Number of processors: 1 586 0x209
18:22:55.359 ComputerName: MARKBRUT UserName:
18:23:45.531 Initialize success
18:27:48.828 AVAST engine defs: 12071800
18:28:01.187 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
18:28:01.187 Disk 0 Vendor: WDC_WD800BB-75CAA0 16.06V16 Size: 76293MB BusType: 3
18:28:01.187 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
18:28:01.187 Disk 1 Vendor: WDC_WD800JB-00JJA0 05.01C05 Size: 76319MB BusType: 3
18:28:01.218 Disk 0 MBR read successfully
18:28:01.218 Disk 0 MBR scan
18:28:01.312 Disk 0 Windows XP default MBR code
18:28:01.312 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 39 MB offset 63
18:28:01.375 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76245 MB offset 80325
18:28:01.375 Disk 0 scanning sectors +156232125
18:28:01.500 Disk 0 scanning C:\WINDOWS\system32\drivers
18:28:21.265 Service scanning
18:29:18.921 Modules scanning
18:29:35.656 Disk 0 trace - called modules:
18:29:35.718 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
18:29:35.718 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83fcbab8]
18:29:35.734 3 CLASSPNP.SYS[f7574fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x83fd2b00]
18:29:37.968 AVAST engine scan C:\WINDOWS
18:30:08.078 AVAST engine scan C:\WINDOWS\system32
18:35:43.578 AVAST engine scan C:\WINDOWS\system32\drivers
18:36:12.750 AVAST engine scan C:\Documents and Settings\Mark Brut
19:19:24.375 AVAST engine scan C:\Documents and Settings\All Users
19:23:11.140 Scan finished successfully
19:53:46.359 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Mark Brut\Desktop\MBR.dat"
19:53:46.406 The log file has been saved successfully to "C:\Documents and Settings\Mark Brut\Desktop\aswMBR.txt"


ESET - I didn't realize the quarantine function was on so this is the end result from that:

C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\13\3b1d81cd-709d7a6b a variant of Java/Exploit.CVE-2012-0507.AH trojan deleted - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\25\2c516359-61e44ea6 multiple threats deleted - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\3\1b99f03-3255b59d a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\3\1b99f03-36c1cb3f a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\3\1b99f03-3b7777d9 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\3\1b99f03-427ab6dd a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\3\1b99f03-4cafd6fa a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\3\1b99f03-56ec9ee3 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\3\5544783-2abd84df a variant of Java/Exploit.CVE-2012-0507.AH trojan deleted - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\39\2f0c6f27-156ce57d a variant of Java/TrojanDownloader.OpenConnection.AQ trojan deleted - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\42\67fc9aea-6f832069 multiple threats deleted - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\54\469d6db6-2aefe24e a variant of Java/Exploit.CVE-2011-3544.AQ trojan deleted - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\59\49784c7b-5d94d34b multiple threats deleted - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\61\4e19d1fd-577480c1 multiple threats deleted - quarantined
C:\Documents and Settings\Mark Brut\Application Data\Sun\Java\Deployment\cache\6.0\8\4c324188-4bd4c937 a variant of Java/Exploit.Agent.NAC trojan deleted - quarantined
C:\Documents and Settings\Mark Brut\Local Settings\Application Data\{95D2BB0F-75DD-11E1-826D-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined

#4 narenxp


Posted 19 July 2012 - 01:19 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete; the system should reboot.

Post the generated log.

#5 markbrut


Posted 20 July 2012 - 09:00 AM

MBAM was clean on first run

Mini Toolbox results:

MiniToolBox by Farbar Version: 15-07-2012
Ran by Mark Brut (administrator) on 20-07-2012 at 07:35:55
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 53333
"network.proxy.no_proxies_on", "localhost,127.0.0.1"
"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection 5 (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection 4 (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 4"

set address name="Local Area Connection 4" source=dhcp
set dns name="Local Area Connection 4" source=dhcp register=PRIMARY
set wins name="Local Area Connection 4" source=dhcp

# Interface IP Configuration for "Local Area Connection 5"

set address name="Local Area Connection 5" source=dhcp
set dns name="Local Area Connection 5" source=dhcp register=PRIMARY
set wins name="Local Area Connection 5" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : markbrut

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.co.comcast.net.



Ethernet adapter Local Area Connection 4:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-07-E9-6D-D5-A6



Ethernet adapter Local Area Connection 5:



Connection-specific DNS Suffix . : hsd1.co.comcast.net.

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC #2

Physical Address. . . . . . . . . : 00-40-F4-CB-39-CA

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.148

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 75.75.75.75

75.75.76.76

Lease Obtained. . . . . . . . . . : Thursday, July 19, 2012 9:08:50 PM

Lease Expires . . . . . . . . . . : Friday, July 20, 2012 9:08:50 PM

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 74.125.225.163, 74.125.225.160, 74.125.225.169, 74.125.225.166
74.125.225.162, 74.125.225.174, 74.125.225.165, 74.125.225.168, 74.125.225.167
74.125.225.164, 74.125.225.161



Pinging google.com [74.125.225.197] with 32 bytes of data:



Reply from 74.125.225.197: bytes=32 time=18ms TTL=55

Reply from 74.125.225.197: bytes=32 time=11ms TTL=55



Ping statistics for 74.125.225.197:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 11ms, Maximum = 18ms, Average = 14ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=568ms TTL=49

Reply from 98.139.183.24: bytes=32 time=546ms TTL=49



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 546ms, Maximum = 568ms, Average = 557ms

Server: cdns01.comcast.net
Address: 75.75.75.75

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 07 e9 6d d5 a6 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
0x3 ...00 40 f4 cb 39 ca ...... Realtek RTL8139/810x Family Fast Ethernet NIC #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.148 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.148 192.168.1.148 20
192.168.1.148 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.148 192.168.1.148 20
224.0.0.0 240.0.0.0 192.168.1.148 192.168.1.148 20
255.255.255.255 255.255.255.255 192.168.1.148 2 1
255.255.255.255 255.255.255.255 192.168.1.148 192.168.1.148 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/20/2012 03:01:36 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1701.5039kb26563531033643finstallx865.1.2600.2.3.0.7680

Error: (07/20/2012 03:01:36 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log.

Error: (07/20/2012 03:01:36 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory

Error: (07/20/2012 03:01:13 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.7680

Error: (07/20/2012 03:01:12 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{A38B334A-A0A2-436D-BAA0-34FE5E517E44}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656370-X86\NDP1.1sp1-KB2656370-X86-msi.0.log.

Error: (07/20/2012 03:01:12 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory

Error: (07/19/2012 03:01:40 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1701.5039kb26563531033643finstallx865.1.2600.2.3.0.7680

Error: (07/19/2012 03:01:40 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log.

Error: (07/19/2012 03:01:40 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory

Error: (07/19/2012 03:01:16 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.7680


System errors:
=============
Error: (07/20/2012 03:03:28 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353).

Error: (07/20/2012 03:01:19 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).

Error: (07/19/2012 09:09:02 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Cdr4_xp

Error: (07/19/2012 09:09:00 PM) (Source: Service Control Manager) (User: )
Description: The McAfee.com VirusScan Online Realtime Engine service failed to start due to the following error:
%%3

Error: (07/19/2012 09:09:00 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Task Scheduler service failed to start due to the following error:
%%3

Error: (07/19/2012 09:09:00 PM) (Source: Service Control Manager) (User: )
Description: The McAfee WSC Integration service failed to start due to the following error:
%%2

Error: (07/19/2012 03:04:01 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353).

Error: (07/19/2012 03:01:24 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).

Error: (07/18/2012 08:26:51 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (07/18/2012 06:08:44 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Cdr4_xp


Microsoft Office Sessions:
=========================
Error: (07/20/2012 03:01:36 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1701.5039kb26563531033643finstallx865.1.2600.2.3.0.7680

Error: (07/20/2012 03:01:36 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log

Error: (07/20/2012 03:01:36 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory(NULL)(NULL)(NULL)

Error: (07/20/2012 03:01:13 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.7680

Error: (07/20/2012 03:01:12 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{A38B334A-A0A2-436D-BAA0-34FE5E517E44}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2656370-X86\NDP1.1sp1-KB2656370-X86-msi.0.log

Error: (07/20/2012 03:01:12 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory(NULL)(NULL)(NULL)

Error: (07/19/2012 03:01:40 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1701.5039kb26563531033643finstallx865.1.2600.2.3.0.7680

Error: (07/19/2012 03:01:40 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log

Error: (07/19/2012 03:01:40 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory(NULL)(NULL)(NULL)

Error: (07/19/2012 03:01:16 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.7680


=========================== Installed Programs ============================

µTorrent (Version: 1.8.1)
µTorrent (Version: 2.2.0)
42 Bit Scanner
Ad-Aware SE Personal
Adobe AIR (Version: 1.5.2.8870)
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Download Manager (Version: 1.6.2.90)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Flash Player 9 ActiveX (Version: 9.0.124.0)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Photoshop Album 2.0 Starter Edition (Version: 2.00.000)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Ahead Nero Burning ROM
Akamai NetSession Interface Service
Amazon MP3 Downloader 1.0.10
AnalogX DXMan
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Antares Tube v1.02 RTAS
Apple Application Support (Version: 1.4.1)
Apple Mobile Device Support (Version: 2.4.1.7)
Apple Software Update (Version: 2.1.1.116)
ASAPI Update
Audacity 1.3.13 (Unicode)
AutocompletePro
BCM V.92 56K Modem
Bowl Bound College Football Demo
Cakewalk.Pro.Audio.9.03-TcC
CCleaner (remove only)
CD Wave Editor version 1.72 (Version: 1.72)
Cisco Connect (Version: 1.4.11200.0)
Citrix online plug-in (Web) (Version: 12.0.3.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.1)
Critical Update for Windows Media Player 11 (KB959772)
CyberLink PowerDVD 9 (Version: 9.0.1501)
DAO (Version: 3.50)
Data Lifeguard Tools
Deal Info (Version: 2005.1.57.0)
Dell Solution Center (Version: 1.00.0000)
DellSupport (Version: 6.0.3062)
Digi MME Helper (Version: 1.2.0)
DigiDesign Focusrite D2 1.71.345
DigiDesign Focusrite D3 AudioSuite 1.51.345
Digidesign Pro Tools® LE 6.4
Digidesign Shared Plug-Ins
Digidesign WaveDriver
Dropbox (Version: 1.4.7)
DVDSentry (Version: 1.00.0001)
EarthLink Common (Version: 2005.1.57.0)
EarthLink FastLane (Version: 5.5.100)
EarthLink Free Trial (Version: 1.00.0000)
EarthLink IM (Version: 2005.1.57.0)
EarthLink MailBox (Version: 2005.1.57.0)
EarthLink MDAC (Version: 2003.2.92.0)
EarthLink Redistributed (Version: 2005.1.57.0)
EarthLink Setup (Version: 2005.1.57.0)
EarthLink Spyware Blocker (Version: 2005.1.45.0)
EarthLink TaskPanel (Version: 2005.1.57.0)
EarthLink Toolbar (Version: 2005.1.55.0)
EarthLink Update Manager (Version: 2005.1.57.0)
EarthLink Webspace (Version: 2005.1.57.0)
Easy CD & DVD Creator 6 (Version: 6.2.0.110)
Echo24 PCI (Version: 7.3)
ELNBonus (Version: 2005.1.57.0)
EPSON Printer Software
ESET Online Scanner v3
ESPNMotion (Version: 2.1.4.0001)
Exact Audio Copy 0.99pb5 (Version: 0.99pb5)
Exact Audio Copy v0.9 beta 4 (Version: 0.9 beta 4)
Facebook Desktop
Facebook Plug-In
FileZilla Client 3.3.2.1 (Version: 3.3.2.1)
Filzip 3.06 (Version: 3.0.6)
FLAC 1.2.1b (remove only) (Version: 1.2.1b)
Flux_BitterSweetII (Version: 2.0.31.3064)
Foxit PhantomPDF (Version: 5.0.3.811)
FoxTab PDF Converter
Free Bomb Factory Plug-Ins
Gentium 1.02
GentiumBasic 1.100
GoToAssist Corporate (Version: 9.1.0.615)
Help and Support Customization (Version: 1.00.0000)
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (Version: 1.1.1905.1)
HijackThis 1.99.1 (Version: 1.99.1)
hp instant support (Version: 4.03.03)
HP Memories Disc (Version: 1.0.4.805)
HP Photo and Imaging 1.2 - Scanjet 4570c Series (Version: 1.2.0000)
HP Photo and Imaging 2.0 - Scanners (Version: 2.0.0000)
ICatch (VI) PC Camera
Image Transfer
ImageMixer for Sony
Intel® PRO Network Adapters and Drivers
Intel® PROSet (Version: 6.05.2001)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 8.1.1.10)
Jasc Paint Shop Photo Album (Version: 4.0.4)
Java 2 Runtime Environment, SE v1.4.1_02
Java Auto Updater (Version: 2.0.2.1)
Java Web Start
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 5 (Version: 1.6.0.50)
jlGui 3.0
Keynote Connector
LAME v3.98.3 for Audacity
License Support (Version: 1.00.0000)
Macromedia Dreamweaver MX 2004 (Version: 7.0)
Macromedia Extension Manager (Version: 1.5)
Macromedia Flash MX (Version: 6)
Macromedia Shockwave Player (Version: 10.1.0.11)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Media Player Codec Pack 3.8.0
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005 (Version: 14)
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Media Content (Version: 10.0.2619.0)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0)
Microsoft Publisher 2002 (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Windows XP Video Decoder Checkup Utility
MicroStaff WINASPI
mkw Audio Compression Toolkit
Modem Helper
Move Media Player
Move Networks Player for Firefox
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Mp3tag v2.45a (Version: v2.45a)
MSN Music Assistant
MSSoap (Version: 2003.2.1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
MyScribe (Version: 20101118)
NHL Eastside Hockey Manager (Version: 1.0.11)
NHL Eastside Hockey Manager 2007 (Version: 3.0.0)
NVIDIA Windows 2000/XP Display Drivers
oggcodecs 0.71.0946 (Version: 0.71.0946)
PACE System Files
PhotoScape
PowerISO (Version: 4.7)
Qualxserve Service Agreement (Version: 1.00.0004)
Quicken 2011 (Version: 20.1.8.6)
QuickTime (Version: 7.69.80.9)
RealOne Player
Reason 3.0 (Version: 3.0)
Replay Music 3.35
Rhapsody Player Engine (Version: 1.0.690)
RogueRemover 1.20 (Version: 1.20)
ShareIns (Version: 1.00.0000)
SimCity 4 Deluxe
Skype™ 4.1 (Version: 4.1.179)
SmartFTP Client (Version: 3.0.1026.32)
SmartFTP Client 3.0 Setup Files (remove only) (Version: 3.0)
Sony Inflator RTAS v1.0
Sony Media Manager 2.0 (Version: 2.0.30)
Sony Vegas 6.0 (Version: 6.0.99)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.3.222.g317ab79d)
Spybot - Search & Destroy 1.4 (Version: 1.4)
Subsonic
SUPERAntiSpyware (Version: 4.47.1000)
Trillian
TurboTax 2011 wcopbpm (Version: 011.000.0392)
TurboTax 2011 WinBizFedFormset (Version: 011.000.1662)
TurboTax 2011 WinBizReleaseEngine (Version: 011.000.0441)
TurboTax 2011 WinBizTaxSupport (Version: 011.000.1263)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax Business 2011
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB896727) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Viewpoint Manager (Remove Only)
Visual C++ Redistributables (Version: 1.00.0000)
WaveLab 4.0e
Waves Diamond Bundle 4.05
WD SmartWare (Version: 1.1.1.6)
WebEx
WebFldrs XP (Version: 9.50.6513)
Winamp (Version: 5.541 )
Windows Blaster Worm Removal Tool (KB833330)
Windows Defender (Version: 1.1.1593.21)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Messenger (Version: 8.1.0178.00)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Movie Maker 2.0 (Version: 2.0.0000)
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
Workspace Desktop
XviD MPEG-4 Video Codec (Version: XviD-1.0.3-20122004)

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 766.98 MB
Available physical RAM: 289.48 MB
Total Pagefile: 1877.02 MB
Available Pagefile: 1065.42 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.64 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.46 GB) (Free:1.92 GB) NTFS
5 Drive f: (New Volume) (Fixed) (Total:74.53 GB) (Free:7.09 GB) NTFS
6 Drive g: (MY BOOK) (Fixed) (Total:931.28 GB) (Free:0.87 GB) FAT32
7 Drive h: (WD SmartWare) (CDROM) (Total:0.63 GB) (Free:0 GB) UDF
8 Drive l: ( backup) (Fixed) (Total:930.86 GB) (Free:541.18 GB) NTFS

========================= Users: ========================================

User accounts for \\MARKBRUT

Administrator ASPNET Guest
HelpAssistant Mark Brut SUPPORT_388945a0
SUPPORT_3f151ab9


**** End of log ****


FSS

Farbar Service Scanner Version: 19-07-2012
Ran by Mark Brut (administrator) on 20-07-2012 at 07:38:51
Running from "C:\Documents and Settings\Mark Brut\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0700000004000000010000000200000003000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****




# AdwCleaner v1.703 - Logfile created 07/20/2012 at 07:41:16
# Updated 20/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Mark Brut - MARKBRUT
# Running from : C:\Documents and Settings\Mark Brut\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\Mark Brut\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
Deleted on reboot : C:\Program Files\Viewpoint
File Deleted : C:\Documents and Settings\Mark Brut\Start Menu\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\AutocompleteProBHO
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7327C09-B521-4EDB-8509-7D2660C9EC98}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Mark Brut\Application Data\Mozilla\Firefox\Profiles\ogxxy8lt.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4199 octets] - [20/07/2012 07:41:16]

########## EOF - C:\AdwCleaner[S1].txt - [4327 octets] ##########

#6 narenxp


Posted 20 July 2012 - 09:34 AM

Any current issues?



