Strange behaviour of my browser


31 replies to this topic

#1 Madmah

Posted 26 July 2012 - 01:27 AM

Hi,

My desktop runs Win XP SP2. I have installed Kaspersky on my machine. I am using Mozilla 13.0.1 for browsing.

My issue is: Mozilla automatically opens the webpages given below at a time gap of 1 hour:

http://download.guffins.com/index.jhtml?theme=guffinshalloween2011&partner=YJxdm207&sub_id=61335&ce_cid=00fMJj00000029NMsB77pdRwBJ000000

http://affiliates.tyroodr.com/ez/bvqndnfsyglg/

http://www.svaiza.com/search-results.php?id=4&net=tyroo

I tried the Malware -Antimalware, super antispyware, spybot S & D; a few items detected by that software were killed, but the problem still persists.

I tried downloading Adaware, but I am unable to run it since it asks me to uninstall my Kaspersky, which I don't want to do since mine is a licensed version.

Also, I disabled extensions like allgameshome toolbar, connect bar, deal ply, antibanner, kaspersky URL Advisor, Web assistant in Mozilla after I saw websites opening by themselves.

Please educate me on what caused this issue.

And also help me stop this webpage from opening on its own.

Looking forward to your support.

Thank you

Madmah

#2 narenxp


Posted 26 July 2012 - 03:03 AM

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Madmah


Posted 31 July 2012 - 04:56 AM

Dear Naren,

Just now I was able to see your suggestion. I shall follow your instructions and get back to you.

Thank you for your prompt response.

Regards,
Madmah

#4 Madmah


Posted 31 July 2012 - 05:04 AM

Dear Naren,

TDSSKILLER says everything is OK. I shall come back with the other log files very soon.

15:31:50.0171 3988 TermService - ok
15:31:50.0187 3988 Themes (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
15:31:50.0187 3988 Themes - ok
15:31:50.0218 3988 TlntSvr (37db0a7d097310e8b4de803fc3119c78) C:\WINDOWS\system32\tlntsvr.exe
15:31:50.0218 3988 TlntSvr - ok
15:31:50.0218 3988 TosIde - ok
15:31:50.0234 3988 TrkWks (6d9ac544b30f96c57f8206566c1fb6a1) C:\WINDOWS\system32\trkwks.dll
15:31:50.0250 3988 TrkWks - ok
15:31:50.0265 3988 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
15:31:50.0265 3988 Udfs - ok
15:31:50.0265 3988 ultra - ok
15:31:50.0453 3988 UNS (c6142b8cb72558d91cea8e38f1b7d905) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:31:50.0468 3988 UNS - ok
15:31:50.0578 3988 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
15:31:50.0593 3988 Update - ok
15:31:50.0609 3988 upnphost (0546477bde979e33294fe97f6b3de84a) C:\WINDOWS\System32\upnphost.dll
15:31:50.0625 3988 upnphost - ok
15:31:50.0625 3988 UPS (3f5df65b0758675f95a2d43918a740a3) C:\WINDOWS\System32\ups.exe
15:31:50.0625 3988 UPS - ok
15:31:50.0656 3988 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:31:50.0671 3988 usbccgp - ok
15:31:50.0703 3988 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:31:50.0703 3988 usbehci - ok
15:31:50.0703 3988 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:31:50.0718 3988 usbhub - ok
15:31:50.0734 3988 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:31:50.0734 3988 usbprint - ok
15:31:50.0750 3988 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:31:50.0765 3988 usbscan - ok
15:31:50.0781 3988 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:31:50.0796 3988 USBSTOR - ok
15:31:50.0828 3988 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
15:31:50.0828 3988 VgaSave - ok
15:31:50.0843 3988 ViaIde - ok
15:31:50.0953 3988 vikbgkozuhcdtdu - ok
15:31:50.0953 3988 vnbzugtzfygahnv - ok
15:31:50.0968 3988 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
15:31:50.0968 3988 VolSnap - ok
15:31:50.0968 3988 vpiykajr - ok
15:31:51.0000 3988 VSS (3ee00364ae0fd8d604f46cbaf512838a) C:\WINDOWS\System32\vssvc.exe
15:31:51.0000 3988 VSS - ok
15:31:51.0031 3988 W32Time (2b281958f5d0cf99ed626e3ef39d5c8d) C:\WINDOWS\system32\w32time.dll
15:31:51.0031 3988 W32Time - ok
15:31:51.0046 3988 wajsnoakussetj - ok
15:31:51.0046 3988 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:31:51.0062 3988 Wanarp - ok
15:31:51.0093 3988 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
15:31:51.0109 3988 Wdf01000 - ok
15:31:51.0109 3988 WDICA - ok
15:31:51.0140 3988 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
15:31:51.0140 3988 wdmaud - ok
15:31:51.0218 3988 Web Assistant Updater (efb3074bdbabe0a137d89d8e58f02392) C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
15:31:51.0234 3988 Web Assistant Updater - ok
15:31:51.0250 3988 WebClient (5d0a442864bfbf3b19dcca4cd29f6e99) C:\WINDOWS\System32\webclnt.dll
15:31:51.0265 3988 WebClient - ok
15:31:51.0265 3988 winlpedgenpjc - ok
15:31:51.0312 3988 winmgmt (f399242a80c4066fd155efa4cf96658e) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:31:51.0312 3988 winmgmt - ok
15:31:51.0328 3988 wldtxahe - ok
15:31:51.0343 3988 WmdmPmSN (c086483e3dba8c1c0a687ec8d5b3d4c1) C:\WINDOWS\system32\mspmsnsv.dll
15:31:51.0359 3988 WmdmPmSN - ok
15:31:51.0390 3988 Wmi (1aff244ca134956c54474f4e2433e4ce) C:\WINDOWS\System32\advapi32.dll
15:31:51.0406 3988 Wmi - ok
15:31:51.0437 3988 WmiApSrv (ba8cecc3e813e1f7c441b20393d4f86c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:31:51.0437 3988 WmiApSrv - ok
15:31:51.0500 3988 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:31:51.0515 3988 WS2IFSL - ok
15:31:51.0531 3988 wscsvc (4d59daa66c60858cdf4f67a900f42d4a) C:\WINDOWS\system32\wscsvc.dll
15:31:51.0546 3988 wscsvc - ok
15:31:51.0562 3988 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:31:51.0578 3988 WSTCODEC - ok
15:31:51.0593 3988 wuauserv (13d72740963cba12d9ff76a7f218bcd8) C:\WINDOWS\system32\wuauserv.dll
15:31:51.0609 3988 wuauserv - ok
15:31:51.0625 3988 WZCSVC (5a91e6feab9f901302fa7ff768c0120f) C:\WINDOWS\System32\wzcsvc.dll
15:31:51.0625 3988 WZCSVC - ok
15:31:51.0656 3988 xmlprov (eef46dab68229a14da3d8e73c99e2959) C:\WINDOWS\System32\xmlprov.dll
15:31:51.0656 3988 xmlprov - ok
15:31:51.0765 3988 xrmmgmfzlt - ok
15:31:51.0781 3988 xzixaxmah - ok
15:31:51.0781 3988 ynkjladtrvdaalo - ok
15:31:51.0781 3988 zffelxtmybjaqvx - ok
15:31:51.0781 3988 zrdriiizg - ok
15:31:51.0796 3988 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:31:52.0187 3988 \Device\Harddisk0\DR0 - ok
15:31:52.0187 3988 Boot (0x1200) (b7e5cf20a4e8c76a93e084f3dace209c) \Device\Harddisk0\DR0\Partition0
15:31:52.0187 3988 \Device\Harddisk0\DR0\Partition0 - ok
15:31:52.0187 3988 Boot (0x1200) (8a7cdf05f94831bf0b1a73ec069cb297) \Device\Harddisk0\DR0\Partition1
15:31:52.0187 3988 \Device\Harddisk0\DR0\Partition1 - ok
15:31:52.0218 3988 Boot (0x1200) (77bec477ca3bb1d92df29e0c40ba6269) \Device\Harddisk0\DR0\Partition2
15:31:52.0218 3988 \Device\Harddisk0\DR0\Partition2 - ok
15:31:52.0234 3988 Boot (0x1200) (81eb9ed4ec57c133e931eb7c65d097ad) \Device\Harddisk0\DR0\Partition3
15:31:52.0234 3988 \Device\Harddisk0\DR0\Partition3 - ok
15:31:52.0250 3988 Boot (0x1200) (69a276336a00bdb1d5d3d7c2fb75effe) \Device\Harddisk0\DR0\Partition4
15:31:52.0250 3988 \Device\Harddisk0\DR0\Partition4 - ok
15:31:52.0250 3988 ============================================================
15:31:52.0250 3988 Scan finished
15:31:52.0250 3988 ============================================================
15:31:52.0250 3756 Detected object count: 0
15:31:52.0250 3756 Actual detected object count: 0

#5 Madmah

Posted 31 July 2012 - 05:17 AM

Dear Naren:

I got stuck at the second download, aswMBR.

When I tried to run it, Kaspersky gave me a warning: Avast! Antirootkit, belonging to group "Low Restricted", is trying to download a driver in a hidden way. Kaspersky Internet Security will not be able to control application activities after installation.

Detected: PDM suspicion Driver Installation.

What should I do? Please guide.

Thanks in advance.

Madmah

#6 narenxp

Posted 31 July 2012 - 06:47 AM

Run it in Safe Mode.

#7 Madmah

Posted 01 August 2012 - 02:29 AM

Dear Naren!

Safe mode worked,

Here comes the log of aswMBR,

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 12:39:53
-----------------------------
12:39:53.531 OS Version: Windows 5.1.2600 Service Pack 2
12:39:53.531 Number of processors: 4 586 0x2505
12:39:53.546 ComputerName: MELURMEA UserName: login
12:39:59.343 Initialize success
12:40:12.656 AVAST engine download error: 0
12:40:23.062 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-7
12:40:23.109 Disk 0 Vendor: ST3500418AS CC46 Size: 476940MB BusType: 3
12:40:23.156 Disk 0 MBR read successfully
12:40:23.203 Disk 0 MBR scan
12:40:23.234 Disk 0 Windows XP default MBR code
12:40:23.281 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
12:40:23.312 Disk 0 Partition - 00 0F Extended LBA 426930 MB offset 102398310
12:40:23.375 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99998 MB offset 102398373
12:40:23.406 Disk 0 Partition - 00 05 Extended 99998 MB offset 307194930
12:40:23.468 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 99998 MB offset 307194993
12:40:23.515 Disk 0 Partition - 00 05 Extended 99998 MB offset 716788170
12:40:23.578 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 99998 MB offset 511991613
12:40:23.625 Disk 0 Partition - 00 05 Extended 126935 MB offset 1126381410
12:40:23.703 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 126935 MB offset 716788233
12:40:23.812 Disk 0 scanning sectors +976752000
12:40:24.015 Disk 0 scanning C:\WINDOWS\system32\drivers
12:40:46.234 Service scanning
12:41:25.625 Modules scanning
12:41:37.812 Disk 0 trace - called modules:
12:41:37.921 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
12:41:38.000 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae7eab8]
12:41:38.078 3 CLASSPNP.SYS[b98e905b] -> nt!IofCallDriver -> \Device\00000063[0x8adba968]
12:41:38.156 5 ACPI.sys[b977f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-7[0x8add6940]
12:41:38.250 Scan finished successfully
12:41:49.734 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\login\Desktop\MBR.dat"
12:41:49.796 The log file has been saved successfully to "C:\Documents and Settings\login\Desktop\aswMBR.txt"
---------------------------------------------------------------------------------------------------------------------------

Shall do the third scan and send it to you soon.

Thank you

Regards,

Madmah

#8 Madmah

Posted 01 August 2012 - 04:34 AM

Dear Naren,

I believe the 3rd scan deleted a few items.

Please find the log below:

C:\Documents and Settings\All Users\Application Data\OptimizerPro\runtime.dll Win32/GenUpdater application cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Program Files\TelevisionFanaticEI\Installr\1.bin\64EZSETP.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files\TelevisionFanaticEI\Installr\1.bin\NP64EISb.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
E:\DigitalArtClockInst.exe Win32/Adware.Linkular application cleaned by deleting - quarantined
E:\SkyWatchInst.exe Win32/Adware.Linkular application cleaned by deleting - quarantined

Even after the scan, Mozilla opened this site on its own: http://mightandmagicheroeskingdoms.ubi.com/us/

What should I do next? What's happening in my PC? Help please.

Regards,

Madmah

#9 narenxp

Posted 01 August 2012 - 06:13 AM

Uninstall firefox

Checkmark Remove my personal data option

Reinstall firefox


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on Show Results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#10 Madmah

Posted 03 August 2012 - 11:22 PM

Dear Naren,

Excuse me, please clarify my doubt.

My Mozilla is 14.0.1; I know how to uninstall it (Add/Remove Programs).

How do I reinstall the same? In my C folder, there is a Mozilla folder with a lot of components within. What should be done to reinstall it?

Thanks in advance

Regards,

Madmah

#11 narenxp

Posted 04 August 2012 - 05:34 AM

Download from here

http://www.mozilla.org/en-US/firefox/new/

#12 Madmah

Posted 06 August 2012 - 04:27 AM

Dear Naren,

Am back to work. Uninstalled and reinstalled Firefox. Still http://affiliates.tyroodr.com/ez/bvqndnfsyglg/ is opening on its own.

Now I will go through the steps suggested by you. Please advise what that is in my computer: a trojan, a worm or some monster? What is it?

Will get back soon.

Regards,

Madmah

Edited by Madmah, 06 August 2012 - 04:31 AM.


#13 Madmah

Posted 06 August 2012 - 06:32 AM

Dear Naren,

Tried MBAM and it deleted adware.agent. But still my system opened http://www.ixigo.com/hotels?utm_source=TYCps&utm_medium=Banner&utm_campaign=TYCps

Rescanned it and got a clear log.

Shall send you the other logs soon.

Regards,

Madmah

Edited by Madmah, 06 August 2012 - 06:33 AM.


#14 narenxp

Posted 06 August 2012 - 07:08 AM

Uninstall firefox

Checkmark Remove my personal data option

Reinstall firefox


Did you select the "Remove my personal data" option?

#15 Madmah

Posted 06 August 2012 - 11:35 PM

Dear Naren,

Yes, I selected that option, "Remove my personal data".

Shall let you know the other log reports soon.

Regards,

Madmah



