
Is my computer infected? Please Help!


19 replies to this topic

#1 besscella


Posted 22 July 2012 - 01:23 AM

Hi, I think my computer is infected with a virus called Check File. It's behaving in a similar fashion to the System Check virus in that it is piling up error messages on my screen. Then it's asking me to scan my computer for said viruses and then asking me to buy the product.

I can't do a restore point on my computer as I can't find it. I know how to do one but I think the system restore feature has been disabled. The control panel is not showing up when I press the start button. Oh yes, it's also flashing up error messages saying things like "Device cannot find enough free resources that it can use", "Hard disk failure", "Critical Error", "Drive sector not found error", etc. Also, I cannot access the DOS Prompt as the Run feature has been disabled.

I'm Using Windows XP.

Please help me to get rid of it. I feel sick because of this.

Thanks,
Sharon.

PS. I forgot to say that I will need some pretty detailed instructions as I'm not very computer savvy, I know a bit but nowhere near enough to sort this out. So what I'm saying in a nutshell is that I need you to hold me by the hand throughout this process, if you don't mind. Thank you.


PPS. I forgot to say that I tried to use the Task Manager to switch off the error messages by deleting a file with an odd-looking name, i.e. random letters and numbers. However, Task Manager is not active. Also, my System Tools folder appears to be empty except for Internet Explorer, so no system restore is possible, unless you know another way in?

Edited by besscella, 22 July 2012 - 01:44 AM.




#2 narenxp


Posted 22 July 2012 - 07:00 AM

Boot into safemode with networking

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 besscella


Posted 22 July 2012 - 05:23 PM

Hi,

Thanks for replying so speedily.

I didn't mention earlier that while I was waiting for someone to reply to this topic, I ran Malwarebytes and it found 12 items and deleted them. It requested a restart of my computer to complete the deletion of the files. The only problem was that when the computer did restart, it wasn't much better than before. The File Check virus was still running and giving me the false negative error messages. I would have included a copy of the log file below but I can't locate Malwarebytes anymore. It's normally on my desktop, but only some of my programs are visible and some appear to be hidden. If you need the log file, then I'll need your help to locate Malwarebytes again.

As for the programs you asked me to download and run, I did as you asked but I ran into some problems with the first two programs. I downloaded and launched TDSSKiller, but nothing happened. I did the same with the second program and again it downloaded fine, but nothing happened when I launched aswMBR.

I just continued with your instructions in spite of these setbacks and I downloaded and successfully ran ESET Online Scanner. Here are the results from the log file:

C:\Documents and Settings\All Users\Application Data\eYRGUtcOXxPyGv.exe a variant of Win32/Kryptik.AITL trojan cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\YNmgewtRfOqdbYh.exe a variant of Win32/Kryptik.AITL trojan cleaned by deleting - quarantined
C:\Documents and Settings\SharonC\Desktop\Unused Desktop Shortcuts\FreeYouTubeDownloaderInstaller.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined
C:\Program Files\1ClickDownload\uninst.exe Win32/Adware.1ClickDownload application cleaned by deleting - quarantined

One other thing to add here. When I launched ESET Online Scanner, there were two choices. The first one said something about removing the files after they were found and this was already ticked so I didn't change it. The second one said Archive and this was not ticked and I left that as it was. I wasn't sure if this was the right thing to do, but as you hadn't instructed me otherwise, I assumed this was fine.

Thanks,

Sharon.

PS. I'm sorry I didn't boot into safemode with networking. I didn't see that comment. I'll do that now and try to relaunch those other two programs you asked me to run earlier, TDSSKiller and aswMBR.

Edited by besscella, 22 July 2012 - 05:26 PM.


#4 narenxp


Posted 22 July 2012 - 05:26 PM

Download FIXTDSS

Launch it. It may ask for restart, reboot the PC

On reboot, click on REPAIR

Now run both tdsskiller and aswmbr and post the logs

#5 besscella


Posted 22 July 2012 - 07:14 PM

Hi

I ran FixTDSS and when it finished it showed me the following message:
"Backdoor.Tidserv has not been found on your computer."

It then required a reboot. There was no repair request after reboot.

Then after the reboot I ran TDSSKiller. When it finished it asked me if I wanted to cure found files. It also gave the following warning: Can't cure MBR. Write standard bootcode? If you have installed bootloader (eg Acronis, Grub, Lilo) you will need to reinstall them after the treatment. I wasn't sure what the right thing to do was, so I let it cure the files. I hope I did the right thing. Anyway here is the TDSSKiller log:

00:02:09.0218 1720 ql1080 - ok
00:02:09.0218 1720 Ql10wnt - ok
00:02:09.0218 1720 ql12160 - ok
00:02:09.0234 1720 ql1240 - ok
00:02:09.0234 1720 ql1280 - ok
00:02:09.0234 1720 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:02:09.0250 1720 RasAcd - ok
00:02:09.0265 1720 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
00:02:09.0281 1720 RasAuto - ok
00:02:09.0312 1720 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:02:09.0312 1720 Rasl2tp - ok
00:02:09.0359 1720 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
00:02:09.0375 1720 RasMan - ok
00:02:09.0390 1720 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:02:09.0406 1720 RasPppoe - ok
00:02:09.0406 1720 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
00:02:09.0421 1720 Raspti - ok
00:02:09.0468 1720 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:02:09.0500 1720 Rdbss - ok
00:02:09.0515 1720 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:02:09.0531 1720 RDPCDD - ok
00:02:09.0562 1720 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:02:09.0578 1720 rdpdr - ok
00:02:09.0656 1720 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
00:02:09.0671 1720 RDPWD - ok
00:02:09.0703 1720 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
00:02:09.0750 1720 RDSessMgr - ok
00:02:09.0765 1720 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
00:02:09.0781 1720 redbook - ok
00:02:09.0812 1720 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
00:02:09.0828 1720 RemoteAccess - ok
00:02:09.0843 1720 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
00:02:09.0859 1720 RemoteRegistry - ok
00:02:09.0875 1720 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
00:02:09.0875 1720 RpcLocator - ok
00:02:09.0937 1720 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
00:02:09.0937 1720 RpcSs - ok
00:02:09.0953 1720 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
00:02:10.0000 1720 RSVP - ok
00:02:10.0031 1720 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:02:10.0031 1720 SamSs - ok
00:02:10.0140 1720 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
00:02:10.0140 1720 SASDIFSV - ok
00:02:10.0156 1720 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:02:10.0171 1720 SASKUTIL - ok
00:02:10.0218 1720 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
00:02:10.0234 1720 SCardSvr - ok
00:02:10.0281 1720 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
00:02:10.0296 1720 Schedule - ok
00:02:10.0312 1720 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:02:10.0328 1720 Secdrv - ok
00:02:10.0343 1720 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
00:02:10.0343 1720 seclogon - ok
00:02:10.0359 1720 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
00:02:10.0359 1720 SENS - ok
00:02:10.0359 1720 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
00:02:10.0375 1720 Serial - ok
00:02:10.0406 1720 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
00:02:10.0406 1720 Sfloppy - ok
00:02:10.0468 1720 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
00:02:10.0484 1720 SharedAccess - ok
00:02:10.0500 1720 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:02:10.0515 1720 ShellHWDetection - ok
00:02:10.0515 1720 Simbad - ok
00:02:10.0531 1720 Sparrow - ok
00:02:10.0562 1720 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
00:02:10.0562 1720 splitter - ok
00:02:10.0593 1720 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
00:02:10.0593 1720 Spooler - ok
00:02:10.0625 1720 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
00:02:10.0640 1720 sr - ok
00:02:10.0750 1720 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
00:02:10.0781 1720 srservice - ok
00:02:11.0015 1720 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
00:02:11.0062 1720 Srv - ok
00:02:11.0125 1720 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
00:02:11.0125 1720 SSDPSRV - ok
00:02:11.0531 1720 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys
00:02:11.0671 1720 STHDA - ok
00:02:11.0734 1720 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
00:02:11.0750 1720 stisvc - ok
00:02:11.0781 1720 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
00:02:11.0796 1720 swenum - ok
00:02:11.0812 1720 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
00:02:11.0812 1720 swmidi - ok
00:02:11.0812 1720 SwPrv - ok
00:02:11.0828 1720 symc810 - ok
00:02:11.0828 1720 symc8xx - ok
00:02:11.0843 1720 sym_hi - ok
00:02:11.0843 1720 sym_u3 - ok
00:02:11.0906 1720 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
00:02:11.0906 1720 sysaudio - ok
00:02:11.0968 1720 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
00:02:12.0031 1720 SysmonLog - ok
00:02:12.0078 1720 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
00:02:12.0093 1720 taphss - ok
00:02:12.0140 1720 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
00:02:12.0140 1720 TapiSrv - ok
00:02:12.0203 1720 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:02:12.0234 1720 Tcpip - ok
00:02:12.0265 1720 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
00:02:12.0265 1720 TDPIPE - ok
00:02:12.0281 1720 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
00:02:12.0296 1720 TDTCP - ok
00:02:12.0312 1720 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
00:02:12.0328 1720 TermDD - ok
00:02:12.0375 1720 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
00:02:12.0390 1720 TermService - ok
00:02:12.0406 1720 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:02:12.0421 1720 Themes - ok
00:02:12.0437 1720 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
00:02:12.0453 1720 TlntSvr - ok
00:02:12.0453 1720 TosIde - ok
00:02:12.0515 1720 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
00:02:12.0515 1720 TrkWks - ok
00:02:12.0562 1720 UdfReadr_xp (8d719ae3cc449768963a6a1f7ff4b769) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
00:02:12.0593 1720 UdfReadr_xp - ok
00:02:12.0609 1720 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
00:02:12.0625 1720 Udfs - ok
00:02:12.0625 1720 ultra - ok
00:02:12.0687 1720 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
00:02:12.0718 1720 Update - ok
00:02:12.0734 1720 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
00:02:12.0765 1720 upnphost - ok
00:02:12.0796 1720 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
00:02:12.0812 1720 UPS - ok
00:02:12.0843 1720 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
00:02:12.0859 1720 USBAAPL - ok
00:02:12.0890 1720 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:02:12.0906 1720 usbccgp - ok
00:02:12.0921 1720 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:02:12.0921 1720 usbehci - ok
00:02:12.0937 1720 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:02:12.0937 1720 usbhub - ok
00:02:12.0953 1720 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:02:12.0968 1720 usbprint - ok
00:02:12.0968 1720 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:02:12.0984 1720 usbscan - ok
00:02:12.0984 1720 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:02:13.0000 1720 usbstor - ok
00:02:13.0015 1720 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:02:13.0015 1720 usbuhci - ok
00:02:13.0046 1720 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
00:02:13.0046 1720 VgaSave - ok
00:02:13.0046 1720 ViaIde - ok
00:02:13.0062 1720 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
00:02:13.0078 1720 VolSnap - ok
00:02:13.0125 1720 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
00:02:13.0156 1720 VSS - ok
00:02:13.0171 1720 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
00:02:13.0187 1720 W32Time - ok
00:02:13.0218 1720 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:02:13.0218 1720 Wanarp - ok
00:02:13.0281 1720 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
00:02:13.0343 1720 Wdf01000 - ok
00:02:13.0343 1720 WDICA - ok
00:02:13.0359 1720 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
00:02:13.0375 1720 wdmaud - ok
00:02:13.0421 1720 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
00:02:13.0421 1720 WebClient - ok
00:02:13.0500 1720 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
00:02:13.0515 1720 winmgmt - ok
00:02:13.0562 1720 WMDM PMSP Service (668056d5c3c11ab7d266819a96b964e8) C:\WINDOWS\system32\MsPMSPSv.exe
00:02:13.0562 1720 WMDM PMSP Service - ok
00:02:13.0593 1720 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
00:02:13.0609 1720 WmdmPmSN - ok
00:02:13.0687 1720 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
00:02:13.0703 1720 Wmi - ok
00:02:13.0734 1720 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:02:13.0765 1720 WmiApSrv - ok
00:02:13.0906 1720 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
00:02:14.0078 1720 WMPNetworkSvc - ok
00:02:14.0125 1720 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
00:02:14.0125 1720 wscsvc - ok
00:02:14.0140 1720 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
00:02:14.0140 1720 wuauserv - ok
00:02:14.0171 1720 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:02:14.0203 1720 WudfPf - ok
00:02:14.0234 1720 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:02:14.0250 1720 WudfRd - ok
00:02:14.0281 1720 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
00:02:14.0296 1720 WudfSvc - ok
00:02:14.0343 1720 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
00:02:14.0375 1720 WZCSVC - ok
00:02:14.0421 1720 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
00:02:14.0437 1720 xmlprov - ok
00:02:14.0593 1720 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
00:02:14.0609 1720 YahooAUService - ok
00:02:14.0640 1720 MBR (0x1B8) (37ea93ec08167ab88192ca2be560cb0f) \Device\Harddisk0\DR0
00:02:14.0671 1720 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
00:02:14.0671 1720 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
00:02:14.0968 1720 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk5\DR9
00:02:15.0156 1720 \Device\Harddisk5\DR9 - ok
00:02:15.0171 1720 Boot (0x1200) (fc1f5c5a718fa76513f2386cb92b2542) \Device\Harddisk0\DR0\Partition0
00:02:15.0171 1720 \Device\Harddisk0\DR0\Partition0 - ok
00:02:15.0203 1720 Boot (0x1200) (acb134b2ae1fd41eac3607060722690c) \Device\Harddisk0\DR0\Partition1
00:02:15.0203 1720 \Device\Harddisk0\DR0\Partition1 - ok
00:02:15.0203 1720 Boot (0x1200) (d49b30040609d033c397d7f9e35676dc) \Device\Harddisk5\DR9\Partition0
00:02:15.0203 1720 \Device\Harddisk5\DR9\Partition0 - ok
00:02:15.0203 1720 ============================================================
00:02:15.0203 1720 Scan finished
00:02:15.0203 1720 ============================================================
00:02:15.0218 2484 Detected object count: 1
00:02:15.0218 2484 Actual detected object count: 1
00:02:43.0593 2484 \Device\Harddisk0\DR0\# - copied to quarantine
00:02:43.0593 2484 \Device\Harddisk0\DR0 - copied to quarantine
00:02:43.0718 2484 \Device\Harddisk0\DR0 - processing error
00:04:52.0968 2484 \Device\Harddisk0\DR0 - will be restored on reboot
00:04:53.0093 2484 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore
00:06:19.0750 1420 Deinitialize success


Then I ran aswMBR and it did a 'quick scan'. I didn't change this as I wasn't told to. So here is the log file from the quick scan:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-23 00:16:07
-----------------------------
00:16:07.500 OS Version: Windows 5.1.2600 Service Pack 3
00:16:07.500 Number of processors: 2 586 0xF06
00:16:07.500 ComputerName: SHARON UserName:
00:16:17.734 Initialize success
00:18:43.093 AVAST engine defs: 12072201
00:19:17.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:19:17.171 Disk 0 Vendor: ST316081 3.AD Size: 152587MB BusType: 3
00:19:17.187 Disk 0 MBR read successfully
00:19:17.187 Disk 0 MBR scan
00:19:17.281 Disk 0 Windows XP default MBR code
00:19:17.281 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
00:19:17.312 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 109662 MB offset 96390
00:19:17.312 Disk 0 Partition - 00 0F Extended LBA 38122 MB offset 224685090
00:19:17.343 Disk 0 Partition 3 00 DB CP/M / CTOS MSDOS5.0 4753 MB offset 302760990
00:19:17.359 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 38122 MB offset 224685153
00:19:17.359 Disk 0 scanning sectors +312496380
00:19:17.500 Disk 0 scanning C:\WINDOWS\system32\drivers
00:19:34.593 Service scanning
00:19:59.625 Modules scanning
00:20:15.296 Disk 0 trace - called modules:
00:20:15.328 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
00:20:15.328 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b72030]
00:20:15.328 3 CLASSPNP.SYS[f7670fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86b88030]
00:20:17.781 AVAST engine scan C:\WINDOWS
00:20:43.500 AVAST engine scan C:\WINDOWS\system32
00:25:26.359 AVAST engine scan C:\WINDOWS\system32\drivers
00:25:54.109 AVAST engine scan C:\Documents and Settings\SharonC
00:50:51.250 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\SharonC\Desktop\MBR.dat"
00:50:51.250 The log file has been saved successfully to "C:\Documents and Settings\SharonC\Desktop\aswMBR-23 July 2012.txt"

Cheers
Sharon.

Edited by besscella, 22 July 2012 - 07:18 PM.


#6 narenxp

  • BC Advisor

Posted 22 July 2012 - 07:24 PM

Restart the PC and run TDSSKiller once again, let me know if it still detects Rootkit.Boot.SST.

#7 besscella

  • Topic Starter

Posted 22 July 2012 - 07:55 PM

Hi

I restarted the PC and then ran TDSSKiller again. When it finished it said that there were no threats found. Here is the log report:

01:47:42.0906 3108 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
01:47:43.0109 3108 ============================================================
01:47:43.0109 3108 Current date / time: 2012/07/23 01:47:43.0109
01:47:43.0109 3108 SystemInfo:
01:47:43.0109 3108
01:47:43.0109 3108 OS Version: 5.1.2600 ServicePack: 3.0
01:47:43.0109 3108 Product type: Workstation
01:47:43.0109 3108 ComputerName: SHARON
01:47:43.0109 3108 UserName: SharonC
01:47:43.0109 3108 Windows directory: C:\WINDOWS
01:47:43.0109 3108 System windows directory: C:\WINDOWS
01:47:43.0109 3108 Processor architecture: Intel x86
01:47:43.0109 3108 Number of processors: 2
01:47:43.0109 3108 Page size: 0x1000
01:47:43.0109 3108 Boot type: Normal boot
01:47:43.0109 3108 ============================================================
01:47:44.0218 3108 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
01:47:44.0250 3108 Drive \Device\Harddisk5\DR9 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:47:44.0250 3108 ============================================================
01:47:44.0250 3108 \Device\Harddisk0\DR0:
01:47:44.0250 3108 MBR partitions:
01:47:44.0250 3108 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0xD62F39C
01:47:44.0281 3108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xD646C61, BlocksNum 0x4A757BD
01:47:44.0281 3108 \Device\Harddisk5\DR9:
01:47:44.0281 3108 MBR partitions:
01:47:44.0281 3108 \Device\Harddisk5\DR9\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
01:47:44.0281 3108 ============================================================
01:47:44.0296 3108 D: <-> \Device\Harddisk0\DR0\Partition1
01:47:44.0515 3108 K: <-> \Device\Harddisk5\DR9\Partition0
01:47:44.0546 3108 C: <-> \Device\Harddisk0\DR0\Partition0
01:47:44.0546 3108 ============================================================
01:47:44.0546 3108 Initialize success
01:47:44.0546 3108 ============================================================
01:47:54.0062 2960 ============================================================
01:47:54.0062 2960 Scan started
01:47:54.0062 2960 Mode: Manual; TDLFS;
01:47:54.0062 2960 ============================================================
01:48:06.0234 2960 IpInIp - ok
01:48:06.0281 2960 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:48:06.0281 2960 IpNat - ok
01:48:06.0390 2960 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Program Files\iPod\bin\iPodService.exe
01:48:06.0390 2960 iPod Service - ok
01:48:06.0453 2960 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:48:06.0453 2960 IPSec - ok
01:48:06.0531 2960 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
01:48:06.0546 2960 IRENUM - ok
01:48:06.0578 2960 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:48:06.0593 2960 isapnp - ok
01:48:07.0031 2960 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
01:48:07.0031 2960 JavaQuickStarterService - ok
01:48:07.0125 2960 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:48:07.0125 2960 Kbdclass - ok
01:48:07.0218 2960 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:48:07.0218 2960 kbdhid - ok
01:48:07.0281 2960 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
01:48:07.0328 2960 kmixer - ok
01:48:07.0375 2960 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
01:48:07.0406 2960 KSecDD - ok
01:48:07.0453 2960 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
01:48:07.0453 2960 lanmanserver - ok
01:48:07.0500 2960 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
01:48:07.0531 2960 lanmanworkstation - ok
01:48:07.0531 2960 Lbd - ok
01:48:07.0531 2960 lbrtfdc - ok
01:48:07.0562 2960 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
01:48:07.0562 2960 LmHosts - ok
01:48:07.0609 2960 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
01:48:07.0609 2960 MarvinBus - ok
01:48:07.0640 2960 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
01:48:07.0656 2960 MBAMSwissArmy - ok
01:48:07.0906 2960 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe
01:48:07.0921 2960 McrdSvc - ok
01:48:07.0953 2960 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
01:48:07.0968 2960 Messenger - ok
01:48:07.0984 2960 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
01:48:08.0015 2960 MHN - ok
01:48:08.0031 2960 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
01:48:08.0046 2960 MHNDRV - ok
01:48:08.0125 2960 Microsoft SharePoint Workspace Audit Service - ok
01:48:08.0156 2960 mmc_2K (0ba70511363a4a148815c6e57a5f99c5) C:\WINDOWS\system32\drivers\mmc_2K.sys
01:48:08.0171 2960 mmc_2K - ok
01:48:08.0203 2960 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
01:48:08.0218 2960 mnmdd - ok
01:48:08.0265 2960 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
01:48:08.0265 2960 mnmsrvc - ok
01:48:08.0312 2960 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
01:48:08.0328 2960 Modem - ok
01:48:08.0343 2960 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:48:08.0343 2960 Mouclass - ok
01:48:08.0375 2960 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:48:08.0390 2960 mouhid - ok
01:48:08.0421 2960 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
01:48:08.0437 2960 MountMgr - ok
01:48:08.0500 2960 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
01:48:08.0500 2960 MozillaMaintenance - ok
01:48:08.0500 2960 mraid35x - ok
01:48:08.0531 2960 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:48:08.0546 2960 MRxDAV - ok
01:48:08.0593 2960 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:48:08.0656 2960 MRxSmb - ok
01:48:08.0687 2960 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
01:48:08.0703 2960 MSDTC - ok
01:48:08.0703 2960 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
01:48:08.0718 2960 Msfs - ok
01:48:08.0718 2960 MSIServer - ok
01:48:08.0750 2960 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:48:08.0765 2960 MSKSSRV - ok
01:48:08.0765 2960 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:48:08.0781 2960 MSPCLOCK - ok
01:48:08.0796 2960 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
01:48:08.0796 2960 MSPQM - ok
01:48:08.0828 2960 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:48:08.0828 2960 mssmbios - ok
01:48:08.0859 2960 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
01:48:08.0875 2960 Mup - ok
01:48:08.0906 2960 NAL (1e59aaed42a5e3a5ed86ec403f9c0776) C:\WINDOWS\system32\Drivers\iqvw32.sys
01:48:08.0921 2960 NAL - ok
01:48:08.0953 2960 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
01:48:08.0984 2960 napagent - ok
01:48:09.0062 2960 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
01:48:09.0093 2960 NDIS - ok
01:48:09.0109 2960 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:48:09.0125 2960 NdisTapi - ok
01:48:09.0125 2960 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:48:09.0140 2960 Ndisuio - ok
01:48:09.0140 2960 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:48:09.0156 2960 NdisWan - ok
01:48:09.0187 2960 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
01:48:09.0203 2960 NDProxy - ok
01:48:09.0281 2960 Netaapl (1352e1648213551923a0a822e441553c) C:\WINDOWS\system32\DRIVERS\netaapl.sys
01:48:09.0312 2960 Netaapl - ok
01:48:09.0546 2960 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
01:48:09.0562 2960 NetBIOS - ok
01:48:09.0578 2960 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
01:48:09.0593 2960 NetBT - ok
01:48:09.0656 2960 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
01:48:09.0671 2960 NetDDE - ok
01:48:09.0687 2960 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
01:48:09.0687 2960 NetDDEdsdm - ok
01:48:09.0750 2960 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:48:09.0765 2960 Netlogon - ok
01:48:10.0343 2960 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
01:48:10.0343 2960 Netman - ok
01:48:10.0812 2960 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:48:10.0953 2960 NetTcpPortSharing - ok
01:48:11.0156 2960 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
01:48:11.0156 2960 Nla - ok
01:48:11.0203 2960 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
01:48:11.0218 2960 Npfs - ok
01:48:11.0265 2960 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
01:48:11.0796 2960 Ntfs - ok
01:48:11.0796 2960 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:48:11.0796 2960 NtLmSsp - ok
01:48:11.0890 2960 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
01:48:11.0984 2960 NtmsSvc - ok
01:48:12.0015 2960 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
01:48:12.0046 2960 Null - ok
01:48:12.0078 2960 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:48:12.0093 2960 NwlnkFlt - ok
01:48:12.0093 2960 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:48:12.0109 2960 NwlnkFwd - ok
01:48:12.0187 2960 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:48:12.0218 2960 ose - ok
01:48:12.0453 2960 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:48:12.0781 2960 osppsvc - ok
01:48:12.0921 2960 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
01:48:12.0937 2960 Parport - ok
01:48:12.0968 2960 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
01:48:12.0984 2960 PartMgr - ok
01:48:13.0015 2960 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
01:48:13.0015 2960 ParVdm - ok
01:48:13.0046 2960 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
01:48:13.0046 2960 PCI - ok
01:48:13.0046 2960 PCIDump - ok
01:48:13.0062 2960 PCIIde - ok
01:48:13.0109 2960 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
01:48:13.0125 2960 Pcmcia - ok
01:48:13.0156 2960 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
01:48:13.0156 2960 pcouffin - ok
01:48:13.0171 2960 PDCOMP - ok
01:48:13.0171 2960 PDFRAME - ok
01:48:13.0171 2960 PDRELI - ok
01:48:13.0187 2960 PDRFRAME - ok
01:48:13.0187 2960 perc2 - ok
01:48:13.0203 2960 perc2hib - ok
01:48:13.0250 2960 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
01:48:13.0250 2960 PlugPlay - ok
01:48:13.0281 2960 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:48:13.0281 2960 PolicyAgent - ok
01:48:13.0296 2960 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:48:13.0312 2960 PptpMiniport - ok
01:48:13.0312 2960 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:48:13.0312 2960 ProtectedStorage - ok
01:48:13.0328 2960 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
01:48:13.0343 2960 PSched - ok
01:48:13.0375 2960 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:48:13.0390 2960 Ptilink - ok
01:48:13.0437 2960 pwd_2k (a69812bcdf900f99e3ace4c38a3aefb2) C:\WINDOWS\system32\drivers\pwd_2k.sys
01:48:13.0453 2960 pwd_2k - ok
01:48:13.0484 2960 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:48:13.0500 2960 PxHelp20 - ok
01:48:13.0500 2960 ql1080 - ok
01:48:13.0515 2960 Ql10wnt - ok
01:48:13.0515 2960 ql12160 - ok
01:48:13.0515 2960 ql1240 - ok
01:48:13.0531 2960 ql1280 - ok
01:48:13.0531 2960 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:48:13.0546 2960 RasAcd - ok
01:48:13.0578 2960 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
01:48:13.0609 2960 RasAuto - ok
01:48:13.0625 2960 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:48:13.0640 2960 Rasl2tp - ok
01:48:13.0687 2960 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
01:48:13.0703 2960 RasMan - ok
01:48:13.0718 2960 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:48:13.0734 2960 RasPppoe - ok
01:48:13.0734 2960 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
01:48:13.0750 2960 Raspti - ok
01:48:13.0796 2960 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:48:13.0828 2960 Rdbss - ok
01:48:13.0875 2960 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:48:13.0875 2960 RDPCDD - ok
01:48:13.0906 2960 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:48:13.0921 2960 rdpdr - ok
01:48:13.0953 2960 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
01:48:13.0968 2960 RDPWD - ok
01:48:14.0000 2960 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
01:48:14.0000 2960 RDSessMgr - ok
01:48:14.0015 2960 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
01:48:14.0031 2960 redbook - ok
01:48:14.0062 2960 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
01:48:14.0078 2960 RemoteAccess - ok
01:48:14.0109 2960 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
01:48:14.0109 2960 RemoteRegistry - ok
01:48:14.0125 2960 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
01:48:14.0140 2960 RpcLocator - ok
01:48:14.0187 2960 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
01:48:14.0203 2960 RpcSs - ok
01:48:14.0234 2960 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
01:48:14.0234 2960 RSVP - ok
01:48:14.0265 2960 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:48:14.0265 2960 SamSs - ok
01:48:14.0359 2960 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
01:48:14.0375 2960 SASDIFSV - ok
01:48:14.0390 2960 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
01:48:14.0406 2960 SASKUTIL - ok
01:48:14.0453 2960 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
01:48:14.0453 2960 SCardSvr - ok
01:48:14.0500 2960 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
01:48:14.0500 2960 Schedule - ok
01:48:14.0531 2960 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:48:14.0531 2960 Secdrv - ok
01:48:14.0562 2960 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
01:48:14.0562 2960 seclogon - ok
01:48:14.0578 2960 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
01:48:14.0578 2960 SENS - ok
01:48:14.0609 2960 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
01:48:14.0625 2960 Serial - ok
01:48:14.0656 2960 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
01:48:14.0671 2960 Sfloppy - ok
01:48:14.0718 2960 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
01:48:14.0718 2960 SharedAccess - ok
01:48:14.0750 2960 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
01:48:14.0750 2960 ShellHWDetection - ok
01:48:14.0765 2960 Simbad - ok
01:48:14.0765 2960 Sparrow - ok
01:48:14.0781 2960 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
01:48:14.0781 2960 splitter - ok
01:48:14.0828 2960 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
01:48:14.0828 2960 Spooler - ok
01:48:14.0843 2960 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
01:48:14.0843 2960 sr - ok
01:48:14.0906 2960 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
01:48:14.0906 2960 srservice - ok
01:48:14.0953 2960 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
01:48:14.0968 2960 Srv - ok
01:48:15.0015 2960 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
01:48:15.0015 2960 SSDPSRV - ok
01:48:15.0140 2960 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys
01:48:15.0234 2960 STHDA - ok
01:48:15.0296 2960 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
01:48:15.0312 2960 stisvc - ok
01:48:15.0328 2960 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
01:48:15.0343 2960 swenum - ok
01:48:15.0359 2960 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
01:48:15.0359 2960 swmidi - ok
01:48:15.0375 2960 SwPrv - ok
01:48:15.0375 2960 symc810 - ok
01:48:15.0390 2960 symc8xx - ok
01:48:15.0390 2960 sym_hi - ok
01:48:15.0390 2960 sym_u3 - ok
01:48:15.0406 2960 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
01:48:15.0421 2960 sysaudio - ok
01:48:15.0453 2960 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
01:48:15.0453 2960 SysmonLog - ok
01:48:15.0484 2960 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
01:48:15.0500 2960 taphss - ok
01:48:15.0546 2960 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
01:48:15.0546 2960 TapiSrv - ok
01:48:15.0718 2960 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:48:15.0750 2960 Tcpip - ok
01:48:15.0796 2960 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
01:48:15.0812 2960 TDPIPE - ok
01:48:15.0906 2960 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
01:48:15.0921 2960 TDTCP - ok
01:48:15.0937 2960 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
01:48:15.0953 2960 TermDD - ok
01:48:15.0984 2960 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
01:48:16.0000 2960 TermService - ok
01:48:16.0078 2960 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
01:48:16.0078 2960 Themes - ok
01:48:16.0109 2960 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
01:48:16.0125 2960 TlntSvr - ok
01:48:16.0140 2960 TosIde - ok
01:48:16.0171 2960 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
01:48:16.0171 2960 TrkWks - ok
01:48:16.0375 2960 UdfReadr_xp (8d719ae3cc449768963a6a1f7ff4b769) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
01:48:16.0390 2960 UdfReadr_xp - ok
01:48:16.0421 2960 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
01:48:16.0437 2960 Udfs - ok
01:48:16.0437 2960 ultra - ok
01:48:16.0546 2960 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
01:48:16.0671 2960 Update - ok
01:48:16.0734 2960 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
01:48:16.0843 2960 upnphost - ok
01:48:17.0000 2960 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
01:48:17.0000 2960 UPS - ok
01:48:17.0046 2960 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
01:48:17.0062 2960 USBAAPL - ok
01:48:17.0125 2960 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:48:17.0140 2960 usbccgp - ok
01:48:17.0187 2960 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:48:17.0187 2960 usbehci - ok
01:48:17.0203 2960 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:48:17.0218 2960 usbhub - ok
01:48:17.0296 2960 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:48:17.0312 2960 usbprint - ok
01:48:17.0328 2960 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:48:17.0328 2960 usbscan - ok
01:48:17.0343 2960 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:48:17.0343 2960 usbstor - ok
01:48:17.0406 2960 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:48:17.0421 2960 usbuhci - ok
01:48:17.0453 2960 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
01:48:17.0468 2960 VgaSave - ok
01:48:17.0468 2960 ViaIde - ok
01:48:17.0500 2960 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
01:48:17.0515 2960 VolSnap - ok
01:48:17.0562 2960 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
01:48:17.0562 2960 VSS - ok
01:48:17.0609 2960 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
01:48:17.0609 2960 W32Time - ok
01:48:17.0625 2960 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:48:17.0640 2960 Wanarp - ok
01:48:17.0703 2960 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
01:48:17.0734 2960 Wdf01000 - ok
01:48:17.0734 2960 WDICA - ok
01:48:17.0765 2960 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
01:48:17.0765 2960 wdmaud - ok
01:48:17.0781 2960 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
01:48:17.0796 2960 WebClient - ok
01:48:17.0875 2960 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
01:48:17.0875 2960 winmgmt - ok
01:48:17.0921 2960 WMDM PMSP Service (668056d5c3c11ab7d266819a96b964e8) C:\WINDOWS\system32\MsPMSPSv.exe
01:48:17.0921 2960 WMDM PMSP Service - ok
01:48:17.0953 2960 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
01:48:17.0968 2960 WmdmPmSN - ok
01:48:18.0015 2960 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
01:48:18.0031 2960 Wmi - ok
01:48:18.0078 2960 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:48:18.0078 2960 WmiApSrv - ok
01:48:18.0218 2960 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
01:48:18.0359 2960 WMPNetworkSvc - ok
01:48:18.0406 2960 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
01:48:18.0406 2960 wscsvc - ok
01:48:18.0421 2960 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
01:48:18.0437 2960 wuauserv - ok
01:48:18.0484 2960 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:48:18.0500 2960 WudfPf - ok
01:48:18.0562 2960 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:48:18.0578 2960 WudfRd - ok
01:48:18.0593 2960 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
01:48:18.0609 2960 WudfSvc - ok
01:48:18.0656 2960 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
01:48:18.0656 2960 WZCSVC - ok
01:48:18.0687 2960 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
01:48:18.0718 2960 xmlprov - ok
01:48:18.0843 2960 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
01:48:18.0843 2960 YahooAUService - ok
01:48:18.0875 2960 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
01:48:19.0390 2960 \Device\Harddisk0\DR0 - ok
01:48:19.0390 2960 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk5\DR9
01:48:19.0578 2960 \Device\Harddisk5\DR9 - ok
01:48:19.0609 2960 Boot (0x1200) (fc1f5c5a718fa76513f2386cb92b2542) \Device\Harddisk0\DR0\Partition0
01:48:19.0609 2960 \Device\Harddisk0\DR0\Partition0 - ok
01:48:19.0625 2960 Boot (0x1200) (acb134b2ae1fd41eac3607060722690c) \Device\Harddisk0\DR0\Partition1
01:48:19.0640 2960 \Device\Harddisk0\DR0\Partition1 - ok
01:48:19.0640 2960 Boot (0x1200) (d49b30040609d033c397d7f9e35676dc) \Device\Harddisk5\DR9\Partition0
01:48:19.0640 2960 \Device\Harddisk5\DR9\Partition0 - ok
01:48:19.0640 2960 ============================================================
01:48:19.0640 2960 Scan finished
01:48:19.0640 2960 ============================================================
01:48:19.0656 0388 Detected object count: 0
01:48:19.0656 0388 Actual detected object count: 0
01:48:53.0921 1416 Deinitialize success

There are files still hidden on my computer, so whenever this is finished, will you help me to restore them to visibility again please? Thanks.

Thanks,
Sharon.

#8 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:12:45 PM

Posted 22 July 2012 - 08:34 PM

Press Windows+R key and type

%temp% and click ok

Copy a folder called SMTMP to a safe location

Download

UNHIDE

Launch it, this should unhide the files

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it, click on Delete

Post the generated log

#9 besscella

  • Topic Starter
  • Members
  • 76 posts
  • Gender:Female
  • Local time:06:45 PM

Posted 22 July 2012 - 09:36 PM

Hi

I ran Unhide.exe and everything seems to be back to normal. So thanks for that.

Next I downloaded and ran Mini Toolbox and here is the result from that:

MiniToolBox by Farbar Version: 18-01-2012
Ran by SharonC (administrator) on 23-07-2012 at 03:25:47
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

There are 15219 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® 82562V 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "{5038E5E3-1B39-4136-BD95-82B3DDEA868D}"

set address name="{5038E5E3-1B39-4136-BD95-82B3DDEA868D}" source=dhcp
set dns name="{5038E5E3-1B39-4136-BD95-82B3DDEA868D}" source=dhcp register=PRIMARY
set wins name="{5038E5E3-1B39-4136-BD95-82B3DDEA868D}" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : sharon

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : chello.ie



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : chello.ie

Description . . . . . . . . . . . : Intel® 82562V 10/100 Network Connection

Physical Address. . . . . . . . . : 00-19-D1-36-8F-DA

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 79.97.235.110

Subnet Mask . . . . . . . . . . . : 255.255.254.0

Default Gateway . . . . . . . . . : 79.97.234.1

DHCP Server . . . . . . . . . . . : 10.254.216.1

DNS Servers . . . . . . . . . . . : 89.101.160.5

89.101.160.4

Lease Obtained. . . . . . . . . . : 23 July 2012 03:18:45

Lease Expires . . . . . . . . . . : 26 July 2012 00:08:12



Ethernet adapter {5038E5E3-1B39-4136-BD95-82B3DDEA868D}:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Anchorfree HSS Adapter - Packet Scheduler Miniport

Physical Address. . . . . . . . . : 00-FF-50-38-E5-E3

Server: ie-dub01a-dns02.upc.ie
Address: 89.101.160.5

Name: google.com
Addresses: 209.85.143.101, 209.85.143.100



Pinging google.com [209.85.143.100] with 32 bytes of data:



Reply from 209.85.143.100: bytes=32 time=11ms TTL=57

Reply from 209.85.143.100: bytes=32 time=10ms TTL=57



Ping statistics for 209.85.143.100:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 10ms, Maximum = 11ms, Average = 10ms

Server: ie-dub01a-dns02.upc.ie
Address: 89.101.160.5

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=147ms TTL=53

Reply from 209.191.122.70: bytes=32 time=149ms TTL=53



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 147ms, Maximum = 149ms, Average = 148ms

Server: ie-dub01a-dns02.upc.ie
Address: 89.101.160.5

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 19 d1 36 8f da ...... Intel® 82562V 10/100 Network Connection - Packet Scheduler Miniport
0x3 ...00 ff 50 38 e5 e3 ...... Anchorfree HSS Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 79.97.234.1 79.97.235.110 20
79.97.234.0 255.255.254.0 79.97.235.110 79.97.235.110 20
79.97.235.110 255.255.255.255 127.0.0.1 127.0.0.1 20
79.255.255.255 255.255.255.255 79.97.235.110 79.97.235.110 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 79.97.235.110 79.97.235.110 20
224.0.0.0 240.0.0.0 79.97.235.110 79.97.235.110 20
255.255.255.255 255.255.255.255 79.97.235.110 79.97.235.110 1
255.255.255.255 255.255.255.255 79.97.235.110 3 1
Default Gateway: 79.97.234.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/23/2012 01:40:23 AM) (Source: Media Center Scheduler) (User: )
Description: Failed to write backup file.

Error: (07/23/2012 00:08:50 AM) (Source: Media Center Scheduler) (User: )
Description: Failed to write backup file.

Error: (07/22/2012 11:47:54 PM) (Source: Media Center Scheduler) (User: )
Description: Failed to write backup file.

Error: (07/22/2012 08:16:18 AM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.265, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113b5.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]

Error: (07/20/2012 05:16:18 AM) (Source: Application Error) (User: )
Description: Fault bucket -1233855520.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (07/20/2012 05:16:06 AM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.265, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113b5.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]

Error: (07/20/2012 04:15:46 AM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (07/20/2012 04:14:49 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/17/2012 02:26:47 PM) (Source: Application Error) (User: )
Description: Fault bucket -1233855520.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (07/17/2012 02:16:13 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.265, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113b5.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]


System errors:
=============
Error: (07/23/2012 03:19:27 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/23/2012 01:40:40 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/23/2012 00:08:55 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/22/2012 11:48:03 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/22/2012 11:45:46 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/22/2012 11:31:06 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AvgLdx86
AvgMfx86
cdudf_xp
Fips
intelppm
Lbd
SASDIFSV
SASKUTIL

Error: (07/22/2012 11:30:04 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/22/2012 06:31:07 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (07/22/2012 02:47:19 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/22/2012 06:28:53 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

1ClickDownload (Version: 2.1 Build 26473)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1784.41616)
Acrobat.com (Version: 1.6.65)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Ad-Aware Security Toolbar (Version: 0.9.1.4DBG)
Adobe AIR (Version: 1.5.0.7220)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Digital Editions
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Advanced PDF Password Recovery (Version: 5.0)
Advanced RAR Password Recovery (remove only)
Amazon Kindle
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 1.8.2)
µTorrent (Version: 3.1.3)
AVG 8.5
AVS Audio Converter version 6.3
AVS Update Manager 1.0
AVS Video Converter 8 (Version: 8)
AVS4YOU Software Navigator 1.4
Be Pyschic! CD1
Be Pyschic! CD2
Be Pyschic! CD3
Bing Bar (Version: 7.0.850.0)
Bonjour (Version: 3.0.0.10)
Complitly
Conduit Engine (Version: )
ConvertXtoDVD 4.0.9.322 (Version: 4.0.9.322)
Corel Paint Shop Pro X (Version: 10.0)
Corel Photo Album 6 (Version: 6.00)
Critical Update for Windows Media Player 11 (KB959772)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell PC Fax
Dell Photo AIO Printer 926
Dell Resource CD (Version: 1.00.0000)
DivX Converter (Version: 7.1.0)
DivX Plus DirectShow Filters
DivX Setup (Version: 2.6.1.8)
DivX Version Checker (Version: 7.1.0.9)
Dramatica Pro 4.0
Dramatica Pro Story Wizard (Version: 2.00.0000)
DVD Shrink 3.2
Easy Burner (Version: 2.5517.00048)
Easy CD & DVD Creator 6 (Version: 6.1.1.7)
eCover Creator
ESET Online Scanner v3
ESPNMotion (Version: 2.1.6.0011)
Formula 1 Lotto System (Version: 1.00.0000)
Free Extended Task Manager (Version: 1.0.0.46)
Free YouTube Downloader 3.5.126
GameHouse Games Collection: Adventure Inlay
GameHouse Games Collection: Adventure Inlay - Safari Edition
GameHouse Games Collection: Alien Sky
GameHouse Games Collection: Aloha Solitaire
GameHouse Games Collection: Bejeweled 2
GameHouse Games Collection: Boggle Supreme
GameHouse Games Collection: Bounce Out Blitz
GameHouse Games Collection: Casino Island To Go
GameHouse Games Collection: Chainz
GameHouse Games Collection: Chainz 2 - Relinked
GameHouse Games Collection: Charm Solitaire
GameHouse Games Collection: Charm Tale
GameHouse Games Collection: Collapse! Crunch
GameHouse Games Collection: Cubis Gold 2
GameHouse Games Collection: Five Card Deluxe
GameHouse Games Collection: Flip Words
GameHouse Games Collection: Fortune Tiles Gold
GameHouse Games Collection: GameHouse Sudoku
GameHouse Games Collection: Gutterball
GameHouse Games Collection: Gutterball 2
GameHouse Games Collection: Hamsterball
GameHouse Games Collection: Invadazoid
GameHouse Games Collection: Jewel Quest
GameHouse Games Collection: Lemonade Tycoon
GameHouse Games Collection: Luxor
GameHouse Games Collection: Mad Caps
GameHouse Games Collection: Magic Ball 2
GameHouse Games Collection: Magic Ball 2 - New Worlds
GameHouse Games Collection: Magic Inlay
GameHouse Games Collection: Mah Jong Adventures
GameHouse Games Collection: Mah Jong Medley
GameHouse Games Collection: Mah Jong Quest
GameHouse Games Collection: Mahjong Garden To Go
GameHouse Games Collection: Mahjong Towers Eternity
GameHouse Games Collection: Poker Superstars
GameHouse Games Collection: Puzzle Express
GameHouse Games Collection: Puzzle Inlay
GameHouse Games Collection: Puzzle Solitaire
GameHouse Games Collection: Reader's Digest Super Word Power
GameHouse Games Collection: Saints & Sinners Bingo
GameHouse Games Collection: SCRABBLE
GameHouse Games Collection: Shape Shifter
GameHouse Games Collection: Slingo Deluxe
GameHouse Games Collection: Spelvin
GameHouse Games Collection: Super 5-Line Slots
GameHouse Games Collection: Super Blackjack!
GameHouse Games Collection: Super Bounce Out!
GameHouse Games Collection: Super Collapse!
GameHouse Games Collection: Super Collapse! II
GameHouse Games Collection: Super Collapse! II Platinum
GameHouse Games Collection: Super GameHouse Solitaire Vol. 1
GameHouse Games Collection: Super GameHouse Solitaire Vol. 2
GameHouse Games Collection: Super GameHouse Solitaire Vol. 3
GameHouse Games Collection: Super Letter Linker
GameHouse Games Collection: Super Mah Jong Solitaire
GameHouse Games Collection: Super PileUp!
GameHouse Games Collection: Super Pool
GameHouse Games Collection: Super Pop & Drop!
GameHouse Games Collection: Super Rumble Cube
GameHouse Games Collection: Super WHATword
GameHouse Games Collection: Super Wild Wild Words
GameHouse Games Collection: Ten Pin Championship Bowling Pro
GameHouse Games Collection: Trivia Machine
GameHouse Games Collection: Tumblebugs
GameHouse Games Collection: Twistingo
GameHouse Games Collection: Ultimate Dominoes
GameHouse Games Collection: Wheel of Fortune
GameHouse Games Collection: Word Jolt
GameHouse Games Collection: Word Slinger
GameHouse Games Collection: WordJong To Go
GemMaster Mystic
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.115)
GooHay! 2.3 (Version: 2.3)
GoToMeeting 5.0.0.799 (Version: 5.0.0.799)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
Hotspot Shield PRO (Version: PRO)
HTML Executable IERuntime (Version: 3.2.2.2)
Hypnotic Writer's Swipe File 1.0
Hypnotic Writing Wizard 2.0
IAWP
ImgBurn (Version: 2.5.5.0)
Incredibar Toolbar on IE
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections (Version: )
iPhone Configuration Utility (Version: 2.1.0.163)
Isohunt-vuze Toolbar (Version: )
iTunes (Version: 10.6.3.25)
J2SE Runtime Environment 5.0 Update 4 (Version: 1.5.0.40)
Java™ 6 Update 25 (Version: 6.0.250)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8117.416)
K-Lite Codec Pack 7.1.0 (Full) (Version: 7.1.0)
Knoll Light Factory EZ Studio
Liquid Story Binder XE version 4.93 (Version: 4.93)
Lottery Statistic Anaylser (Version: 4.7)
Magic DVD Copier V4.3.4
Magic DVD Ripper V6.0.0
Magic Match: The Genie's Journey
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MasterWriter 2.0
Mavis Beacon Teaches Typing Platinum 20 (Version: 20.00.0000)
Media Star Toolbar (Version: 6.2.2.4)
MediaBar (Version: 2.5.0.100449)
MFC RunTime files (Version: 1.0.0)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works 6-9 Converter (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 14.0.1 (x86 en-GB) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Journal 1.0
newnovelist
Opera 11.60 (Version: 11.60.1185)
Otto
OverDrive Media Console (Version: 3.2.5)
PDF Settings (Version: 1.0)
Pinnacle Studio 14 (Version: 14.0.0.7255)
Pinnacle Studio Ultimate Plugins (Version: 14.0.0.7255)
Pinnacle Video Driver (Version: 12.1.0.030)
PriceGong 2.5.4 (Version: 2.5.4)
QuickTime (Version: 7.69.80.9)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Red Giant ToonIt Studio
Safari (Version: 5.34.57.2)
Segoe UI (Version: 14.0.4327.805)
ShaPlus Bandwidth Meter 1.3.1 (Version: 1.3.1)
SigmaTel Audio (Version: 5.10.4803.0)
Skype™ 5.5 (Version: 5.5.124)
Sonic Encoders (Version: 1.00)
Spybot - Search & Destroy (Version: 1.6.2)
Stanza
Storybase (Version: 2.0)
Subliminal $SUBLIMINAL_VERSION (Version: $SUBLIMINAL_VERSION)
SUPERAntiSpyware (Version: 5.0.1128)
SureThing Express Labeler
swMSM (Version: 12.0.0.1)
Text Twist 2 1.00
The Secret Code of Abundance
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB969497) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Veoh Giraffic Video Accelerator (Version: 0.86.246.230)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Vuze (Version: 4.6)
Vuze Remote Toolbar (Version: 6.3.3.3)
Web Games Player Plugin
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Writer's Blocks 4 (Version: 4.0.0.28200)
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
YourFileDownloader (Version: 1.0.0)
Zuma Deluxe RA

========================= Memory info: ===================================

Percentage of memory in use: 74%
Total physical RAM: 1013.84 MB
Available physical RAM: 263 MB
Total Pagefile: 2440.11 MB
Available Pagefile: 1798.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.07 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:107.09 GB) (Free:30.74 GB) NTFS
2 Drive d: (Backup) (Fixed) (Total:37.23 GB) (Free:37.16 GB) NTFS
9 Drive k: (Iomega HDD) (Fixed) (Total:931.51 GB) (Free:98.62 GB) NTFS

========================= Users: ========================================

User accounts for \\SHARON

Administrator ASPNET Guest
HelpAssistant SharonC SUPPORT_388945a0


**** End of log ****

I have not run FSS or adware cleaner as of yet. I thought I'd post this much to you first while I create a restore point and after I run both of those programs I'll post here again shortly.

Cheers,
Sharon.

#10 narenxp


Posted 22 July 2012 - 09:38 PM

Please check your Start Menu programs. Do they look empty? Did you find the SMTMP folder?

#11 besscella


Posted 22 July 2012 - 10:38 PM

Hi,

I checked my start menu programs and they all seem to be fine. I found the SMTMP folder. I wasn't sure where a safe location was so I copied it into my My Documents folder. If you have any better suggestions on safe locations, I'd be glad to hear them.

Now, I skipped one of your steps by mistake. I forgot to run the Malwarebytes program before running the Mini Toolbox program, so I'm going to run it now and then run the Mini Toolbox after that. I'll post here later on when these are done.

It's late here in Ireland now, it's 04:36am, so I'm going to head into bed, and I'll be in touch again in the morning.

Thanks,

Sharon.

#12 narenxp


Posted 22 July 2012 - 10:39 PM

"I checked my start menu programs and they all seem to be fine. I found the SMTMP folder. I wasn't sure where a safe location was so I copied it into my My Documents folder. If you have any better suggestions on safe locations, I'd be glad to hear them."

If your Start Menu programs are not empty then we don't need SMTMP.

I will see you later.

#13 besscella


Posted 23 July 2012 - 11:12 AM

Hi,

I downloaded and ran Malwarebytes. It found 2 malicious items the first time I ran it, so I removed those, then restarted my computer and ran Malwarebytes again. Thankfully this time it came back with a clean log - no malicious items found.

So then I ran Mini Toolbox and here is the log result of that:

MiniToolBox by Farbar Version: 18-01-2012
Ran by SharonC (administrator) on 23-07-2012 at 17:01:20
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 15219 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® 82562V 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "{5038E5E3-1B39-4136-BD95-82B3DDEA868D}"

set address name="{5038E5E3-1B39-4136-BD95-82B3DDEA868D}" source=dhcp
set dns name="{5038E5E3-1B39-4136-BD95-82B3DDEA868D}" source=dhcp register=PRIMARY
set wins name="{5038E5E3-1B39-4136-BD95-82B3DDEA868D}" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : sharon

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : chello.ie



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : chello.ie

Description . . . . . . . . . . . : Intel® 82562V 10/100 Network Connection

Physical Address. . . . . . . . . : 00-19-D1-36-8F-DA

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 79.97.235.110

Subnet Mask . . . . . . . . . . . : 255.255.254.0

Default Gateway . . . . . . . . . : 79.97.234.1

DHCP Server . . . . . . . . . . . : 10.254.216.1

DNS Servers . . . . . . . . . . . : 89.101.160.5

89.101.160.4

Lease Obtained. . . . . . . . . . : 23 July 2012 13:08:19

Lease Expires . . . . . . . . . . : 26 July 2012 00:08:10



Ethernet adapter {5038E5E3-1B39-4136-BD95-82B3DDEA868D}:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Anchorfree HSS Adapter - Packet Scheduler Miniport

Physical Address. . . . . . . . . : 00-FF-50-38-E5-E3

Server: ie-dub01a-dns02.upc.ie
Address: 89.101.160.5

Name: google.com
Addresses: 209.85.143.100, 209.85.143.101



Pinging google.com [209.85.143.100] with 32 bytes of data:



Reply from 209.85.143.100: bytes=32 time=10ms TTL=57

Reply from 209.85.143.100: bytes=32 time=10ms TTL=57



Ping statistics for 209.85.143.100:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 10ms, Maximum = 10ms, Average = 10ms

Server: ie-dub01a-dns02.upc.ie
Address: 89.101.160.5

Name: yahoo.com
Addresses: 72.30.38.140, 209.191.122.70, 98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=140ms TTL=53

Reply from 209.191.122.70: bytes=32 time=141ms TTL=53



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 140ms, Maximum = 141ms, Average = 140ms

Server: ie-dub01a-dns02.upc.ie
Address: 89.101.160.5

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 19 d1 36 8f da ...... Intel® 82562V 10/100 Network Connection - Packet Scheduler Miniport
0x3 ...00 ff 50 38 e5 e3 ...... Anchorfree HSS Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 79.97.234.1 79.97.235.110 20
79.97.234.0 255.255.254.0 79.97.235.110 79.97.235.110 20
79.97.235.110 255.255.255.255 127.0.0.1 127.0.0.1 20
79.255.255.255 255.255.255.255 79.97.235.110 79.97.235.110 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 79.97.235.110 79.97.235.110 20
224.0.0.0 240.0.0.0 79.97.235.110 79.97.235.110 20
255.255.255.255 255.255.255.255 79.97.235.110 79.97.235.110 1
255.255.255.255 255.255.255.255 79.97.235.110 3 1
Default Gateway: 79.97.234.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/23/2012 01:40:23 AM) (Source: Media Center Scheduler) (User: )
Description: Failed to write backup file.

Error: (07/23/2012 00:08:50 AM) (Source: Media Center Scheduler) (User: )
Description: Failed to write backup file.

Error: (07/22/2012 11:47:54 PM) (Source: Media Center Scheduler) (User: )
Description: Failed to write backup file.

Error: (07/22/2012 08:16:18 AM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.265, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113b5.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]

Error: (07/20/2012 05:16:18 AM) (Source: Application Error) (User: )
Description: Fault bucket -1233855520.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (07/20/2012 05:16:06 AM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.265, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113b5.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]

Error: (07/20/2012 04:15:46 AM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (07/20/2012 04:14:49 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/17/2012 02:26:47 PM) (Source: Application Error) (User: )
Description: Fault bucket -1233855520.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (07/17/2012 02:16:13 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.265, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113b5.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]


System errors:
=============
Error: (07/23/2012 01:08:57 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/23/2012 04:21:47 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/23/2012 04:10:17 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/23/2012 04:00:53 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/23/2012 03:51:07 AM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 bf2cf595, parameter3 9cff7ba4, parameter4 00000000.

Error: (07/23/2012 03:51:05 AM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 e0000001, parameter2 94b6f925, parameter3 92007050, parameter4 00000000.

Error: (07/23/2012 03:50:49 AM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 bf2cf595, parameter3 9337eba4, parameter4 00000000.

Error: (07/23/2012 03:50:03 AM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 bf2cf595, parameter3 92e1eba4, parameter4 00000000.

Error: (07/23/2012 03:47:02 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/23/2012 03:19:27 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

1ClickDownload (Version: 2.1 Build 26473)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1784.41616)
Acrobat.com (Version: 1.6.65)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Ad-Aware Security Toolbar (Version: 0.9.1.4DBG)
Adobe AIR (Version: 1.5.0.7220)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Digital Editions
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Advanced PDF Password Recovery (Version: 5.0)
Advanced RAR Password Recovery (remove only)
Amazon Kindle
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 1.8.2)
µTorrent (Version: 3.1.3)
AVG 8.5
AVS Audio Converter version 6.3
AVS Update Manager 1.0
AVS Video Converter 8 (Version: 8)
AVS4YOU Software Navigator 1.4
Be Pyschic! CD1
Be Pyschic! CD2
Be Pyschic! CD3
Bing Bar (Version: 7.0.850.0)
Bonjour (Version: 3.0.0.10)
Complitly
Conduit Engine (Version: )
ConvertXtoDVD 4.0.9.322 (Version: 4.0.9.322)
Corel Paint Shop Pro X (Version: 10.0)
Corel Photo Album 6 (Version: 6.00)
Critical Update for Windows Media Player 11 (KB959772)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell PC Fax
Dell Photo AIO Printer 926
Dell Resource CD (Version: 1.00.0000)
DivX Converter (Version: 7.1.0)
DivX Plus DirectShow Filters
DivX Setup (Version: 2.6.1.8)
DivX Version Checker (Version: 7.1.0.9)
Dramatica Pro 4.0
Dramatica Pro Story Wizard (Version: 2.00.0000)
DVD Shrink 3.2
Easy Burner (Version: 2.5517.00048)
Easy CD & DVD Creator 6 (Version: 6.1.1.7)
eCover Creator
ESET Online Scanner v3
ESPNMotion (Version: 2.1.6.0011)
Formula 1 Lotto System (Version: 1.00.0000)
Free Extended Task Manager (Version: 1.0.0.46)
Free YouTube Downloader 3.5.126
GameHouse Games Collection: Adventure Inlay
GameHouse Games Collection: Adventure Inlay - Safari Edition
GameHouse Games Collection: Alien Sky
GameHouse Games Collection: Aloha Solitaire
GameHouse Games Collection: Bejeweled 2
GameHouse Games Collection: Boggle Supreme
GameHouse Games Collection: Bounce Out Blitz
GameHouse Games Collection: Casino Island To Go
GameHouse Games Collection: Chainz
GameHouse Games Collection: Chainz 2 - Relinked
GameHouse Games Collection: Charm Solitaire
GameHouse Games Collection: Charm Tale
GameHouse Games Collection: Collapse! Crunch
GameHouse Games Collection: Cubis Gold 2
GameHouse Games Collection: Five Card Deluxe
GameHouse Games Collection: Flip Words
GameHouse Games Collection: Fortune Tiles Gold
GameHouse Games Collection: GameHouse Sudoku
GameHouse Games Collection: Gutterball
GameHouse Games Collection: Gutterball 2
GameHouse Games Collection: Hamsterball
GameHouse Games Collection: Invadazoid
GameHouse Games Collection: Jewel Quest
GameHouse Games Collection: Lemonade Tycoon
GameHouse Games Collection: Luxor
GameHouse Games Collection: Mad Caps
GameHouse Games Collection: Magic Ball 2
GameHouse Games Collection: Magic Ball 2 - New Worlds
GameHouse Games Collection: Magic Inlay
GameHouse Games Collection: Mah Jong Adventures
GameHouse Games Collection: Mah Jong Medley
GameHouse Games Collection: Mah Jong Quest
GameHouse Games Collection: Mahjong Garden To Go
GameHouse Games Collection: Mahjong Towers Eternity
GameHouse Games Collection: Poker Superstars
GameHouse Games Collection: Puzzle Express
GameHouse Games Collection: Puzzle Inlay
GameHouse Games Collection: Puzzle Solitaire
GameHouse Games Collection: Reader's Digest Super Word Power
GameHouse Games Collection: Saints & Sinners Bingo
GameHouse Games Collection: SCRABBLE
GameHouse Games Collection: Shape Shifter
GameHouse Games Collection: Slingo Deluxe
GameHouse Games Collection: Spelvin
GameHouse Games Collection: Super 5-Line Slots
GameHouse Games Collection: Super Blackjack!
GameHouse Games Collection: Super Bounce Out!
GameHouse Games Collection: Super Collapse!
GameHouse Games Collection: Super Collapse! II
GameHouse Games Collection: Super Collapse! II Platinum
GameHouse Games Collection: Super GameHouse Solitaire Vol. 1
GameHouse Games Collection: Super GameHouse Solitaire Vol. 2
GameHouse Games Collection: Super GameHouse Solitaire Vol. 3
GameHouse Games Collection: Super Letter Linker
GameHouse Games Collection: Super Mah Jong Solitaire
GameHouse Games Collection: Super PileUp!
GameHouse Games Collection: Super Pool
GameHouse Games Collection: Super Pop & Drop!
GameHouse Games Collection: Super Rumble Cube
GameHouse Games Collection: Super WHATword
GameHouse Games Collection: Super Wild Wild Words
GameHouse Games Collection: Ten Pin Championship Bowling Pro
GameHouse Games Collection: Trivia Machine
GameHouse Games Collection: Tumblebugs
GameHouse Games Collection: Twistingo
GameHouse Games Collection: Ultimate Dominoes
GameHouse Games Collection: Wheel of Fortune
GameHouse Games Collection: Word Jolt
GameHouse Games Collection: Word Slinger
GameHouse Games Collection: WordJong To Go
GemMaster Mystic
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.115)
GooHay! 2.3 (Version: 2.3)
GoToMeeting 5.0.0.799 (Version: 5.0.0.799)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
Hotspot Shield PRO (Version: PRO)
HTML Executable IERuntime (Version: 3.2.2.2)
Hypnotic Writer's Swipe File 1.0
Hypnotic Writing Wizard 2.0
IAWP
ImgBurn (Version: 2.5.5.0)
Incredibar Toolbar on IE
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections (Version: )
iPhone Configuration Utility (Version: 2.1.0.163)
Isohunt-vuze Toolbar (Version: )
iTunes (Version: 10.6.3.25)
J2SE Runtime Environment 5.0 Update 4 (Version: 1.5.0.40)
Java™ 6 Update 25 (Version: 6.0.250)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8117.416)
K-Lite Codec Pack 7.1.0 (Full) (Version: 7.1.0)
Knoll Light Factory EZ Studio
Liquid Story Binder XE version 4.93 (Version: 4.93)
Lottery Statistic Anaylser (Version: 4.7)
Magic DVD Copier V4.3.4
Magic DVD Ripper V6.0.0
Magic Match: The Genie's Journey
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MasterWriter 2.0
Mavis Beacon Teaches Typing Platinum 20 (Version: 20.00.0000)
Media Star Toolbar (Version: 6.2.2.4)
MediaBar (Version: 2.5.0.100449)
MFC RunTime files (Version: 1.0.0)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works 6-9 Converter (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 14.0.1 (x86 en-GB) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Journal 1.0
newnovelist
Opera 11.60 (Version: 11.60.1185)
Otto
OverDrive Media Console (Version: 3.2.5)
PDF Settings (Version: 1.0)
Pinnacle Studio 14 (Version: 14.0.0.7255)
Pinnacle Studio Ultimate Plugins (Version: 14.0.0.7255)
Pinnacle Video Driver (Version: 12.1.0.030)
PriceGong 2.5.4 (Version: 2.5.4)
QuickTime (Version: 7.69.80.9)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Red Giant ToonIt Studio
Safari (Version: 5.34.57.2)
Segoe UI (Version: 14.0.4327.805)
ShaPlus Bandwidth Meter 1.3.1 (Version: 1.3.1)
SigmaTel Audio (Version: 5.10.4803.0)
Skype™ 5.5 (Version: 5.5.124)
Sonic Encoders (Version: 1.00)
Spybot - Search & Destroy (Version: 1.6.2)
Stanza
Storybase (Version: 2.0)
Subliminal $SUBLIMINAL_VERSION (Version: $SUBLIMINAL_VERSION)
SUPERAntiSpyware (Version: 5.0.1128)
SureThing Express Labeler
swMSM (Version: 12.0.0.1)
Text Twist 2 1.00
The Secret Code of Abundance
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB969497) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Veoh Giraffic Video Accelerator (Version: 0.86.246.230)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Vuze (Version: 4.6)
Vuze Remote Toolbar (Version: 6.3.3.3)
Web Games Player Plugin
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Writer's Blocks 4 (Version: 4.0.0.28200)
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
YourFileDownloader (Version: 1.0.0)
Zuma Deluxe RA

========================= Memory info: ===================================

Percentage of memory in use: 75%
Total physical RAM: 1013.84 MB
Available physical RAM: 250.9 MB
Total Pagefile: 2440.06 MB
Available Pagefile: 1722.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.07 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:107.09 GB) (Free:30.5 GB) NTFS
2 Drive d: (Backup) (Fixed) (Total:37.23 GB) (Free:37.16 GB) NTFS
9 Drive k: (Iomega HDD) (Fixed) (Total:931.51 GB) (Free:98.62 GB) NTFS

========================= Users: ========================================

User accounts for \\SHARON

Administrator ASPNET Guest
HelpAssistant SharonC SUPPORT_388945a0


**** End of log ****

Last night when I tried to set a restore point on my computer, I kept getting an error message saying that the restoration was incomplete and that the restore point I'd chosen couldn't be used as a restore point and that I was to choose a different date. I tried changing the date about 4 times but none of them worked and I've no idea why. This all happened before I ran Malwarebytes so I'm going to try it again and see if it will work this time.

If I'm successful I will then run FSS and adware cleaner. If however I can't restore my computer to an earlier date, then I'll post that here and seek further help from you before running FSS or adware cleaner.

Talk to you soon.

Cheers,
Sharon.

#14 narenxp

  • BC Advisor

Posted 23 July 2012 - 11:16 AM

Ignore creating a restore point and run the scans.

#15 besscella

  • Topic Starter

Posted 23 July 2012 - 11:36 AM

Hi,

I just tried to restore my computer to an earlier date, but I'm having the exact same problem as last night. Any ideas on how to fix this?

Because I wasn't able to restore my computer, I'm feeling a bit apprehensive about running the FSS and adware cleaner programs without a restore point to fall back on so I haven't run them yet. I thought I should check in with you first to see what you thought. So what do I do now?

Thanks,
Sharon.

Edited by besscella, 23 July 2012 - 11:37 AM.




