
Windows XP home SP 3 Can't turn on firewall after virus


9 replies to this topic

#1 Jrgirl


Posted 29 July 2012 - 11:07 AM

I am running Windows XP SP 3. I got the live security platinum virus along with others it appears despite having the Windows firewall and using MSE. I cannot turn my firewall back on. Every time I try to access it, it says due to an unspecified problem, Windows cannot display firewall settings. I have run MSE, Malwarebytes and Farbar Service Scanner Log trying to follow similar posts on the same problem. I am not really tech savvy and am stuck as to how to proceed from here. Below are my last two Malwarebytes full scans along with the Farbar Service Scanner log. Any help would really be appreciated!! Thanks!

Database version: v2012.07.28.07

Windows XP Service Pack 3 x86 NTFS
Protection: Enabled

7/28/2012 11:51:42 PM
mbam-log-2012-07-28 (23-51-42).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 292726
Time elapsed: 1 hour(s), 55 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Jen\Local Settings\Application Data\{28130b53-756b-db51-a40b-8b41941ead15}\n (RootKit.0Access) -> Quarantined and deleted successfully.

(end)

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.28.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702

Protection: Enabled

7/29/2012 6:54:39 AM
mbam-log-2012-07-29 (06-54-39).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 292625
Time elapsed: 2 hour(s), 39 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0700000004000000010000000200000003000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

Edited by Orange Blossom, 29 July 2012 - 12:37 PM.
Moved to AII from XP forum. ~ OB




#2 narenxp


Posted 29 July 2012 - 12:08 PM

You're still infected


Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Jrgirl


Posted 29 July 2012 - 03:08 PM

I followed the steps you provided. Here are my logs:

13:20:24.0343 3456 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:20:24.0593 3456 ============================================================
13:20:24.0593 3456 Current date / time: 2012/07/29 13:20:24.0593
13:20:24.0593 3456 SystemInfo:
13:20:24.0593 3456
13:20:24.0593 3456 OS Version: 5.1.2600 ServicePack: 3.0
13:20:24.0593 3456 Product type: Workstation
13:20:24.0593 3456 ComputerName: DH6HV171
13:20:24.0593 3456 UserName: Jen
13:20:24.0593 3456 Windows directory: C:\WINDOWS
13:20:24.0593 3456 System windows directory: C:\WINDOWS
13:20:24.0593 3456 Processor architecture: Intel x86
13:20:24.0593 3456 Number of processors: 2
13:20:24.0593 3456 Page size: 0x1000
13:20:24.0593 3456 Boot type: Normal boot
13:20:24.0593 3456 ============================================================
13:20:35.0656 3456 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:20:36.0015 3456 ============================================================
13:20:36.0015 3456 \Device\Harddisk0\DR0:
13:20:36.0406 3456 MBR partitions:
13:20:36.0406 3456 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x8E77C93
13:20:36.0406 3456 ============================================================
13:20:36.0875 3456 C: <-> \Device\Harddisk0\DR0\Partition0
13:20:37.0046 3456 ============================================================
13:20:37.0046 3456 Initialize success
13:20:37.0046 3456 ============================================================
13:20:47.0890 2088 ============================================================
13:20:47.0890 2088 Scan started
13:20:47.0890 2088 Mode: Manual; TDLFS;
13:20:47.0890 2088 ============================================================
13:21:00.0109 2088 Pml Driver HPZ12 - ok
13:21:00.0140 2088 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:21:00.0156 2088 PolicyAgent - ok
13:21:00.0187 2088 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:21:00.0203 2088 PptpMiniport - ok
13:21:00.0265 2088 PRISM_USB (3bdcb5bf0eae3e4f25d4d0c0ce8e8d94) C:\WINDOWS\system32\DRIVERS\EXPSUSB.sys
13:21:00.0671 2088 PRISM_USB - ok
13:21:00.0718 2088 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:21:00.0718 2088 ProtectedStorage - ok
13:21:00.0750 2088 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:21:00.0750 2088 PSched - ok
13:21:00.0796 2088 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:21:00.0796 2088 Ptilink - ok
13:21:00.0843 2088 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:21:00.0843 2088 PxHelp20 - ok
13:21:00.0906 2088 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
13:21:00.0921 2088 ql1080 - ok
13:21:00.0937 2088 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
13:21:00.0937 2088 Ql10wnt - ok
13:21:00.0937 2088 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
13:21:00.0953 2088 ql12160 - ok
13:21:00.0968 2088 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
13:21:00.0968 2088 ql1240 - ok
13:21:01.0015 2088 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
13:21:01.0031 2088 ql1280 - ok
13:21:01.0046 2088 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:21:01.0046 2088 RasAcd - ok
13:21:01.0078 2088 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
13:21:01.0093 2088 RasAuto - ok
13:21:01.0109 2088 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:21:01.0125 2088 Rasl2tp - ok
13:21:01.0156 2088 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
13:21:01.0171 2088 RasMan - ok
13:21:01.0187 2088 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:21:01.0203 2088 RasPppoe - ok
13:21:01.0234 2088 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:21:01.0234 2088 Raspti - ok
13:21:01.0281 2088 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:21:01.0296 2088 Rdbss - ok
13:21:01.0343 2088 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:21:01.0343 2088 RDPCDD - ok
13:21:01.0406 2088 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:21:01.0453 2088 rdpdr - ok
13:21:01.0500 2088 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
13:21:01.0500 2088 RDPWD - ok
13:21:01.0578 2088 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
13:21:01.0640 2088 RDSessMgr - ok
13:21:01.0703 2088 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:21:01.0703 2088 redbook - ok
13:21:01.0734 2088 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
13:21:01.0750 2088 RemoteAccess - ok
13:21:01.0796 2088 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
13:21:01.0796 2088 RpcLocator - ok
13:21:01.0859 2088 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
13:21:01.0859 2088 RpcSs - ok
13:21:01.0921 2088 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
13:21:01.0937 2088 RSVP - ok
13:21:01.0984 2088 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:21:01.0984 2088 SamSs - ok
13:21:02.0031 2088 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
13:21:02.0046 2088 SCardSvr - ok
13:21:02.0093 2088 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
13:21:02.0109 2088 Schedule - ok
13:21:02.0187 2088 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:21:02.0187 2088 Secdrv - ok
13:21:02.0234 2088 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
13:21:02.0234 2088 seclogon - ok
13:21:02.0312 2088 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
13:21:02.0328 2088 senfilt - ok
13:21:02.0437 2088 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
13:21:02.0453 2088 SENS - ok
13:21:02.0515 2088 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:21:02.0531 2088 serenum - ok
13:21:02.0562 2088 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
13:21:02.0562 2088 Serial - ok
13:21:02.0593 2088 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:21:02.0593 2088 Sfloppy - ok
13:21:02.0640 2088 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:21:02.0640 2088 ShellHWDetection - ok
13:21:02.0656 2088 Simbad - ok
13:21:02.0687 2088 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
13:21:02.0687 2088 sisagp - ok
13:21:02.0750 2088 smwdm (86c4d93b7b7818d066c52fdb03c6c921) C:\WINDOWS\system32\drivers\smwdm.sys
13:21:02.0765 2088 smwdm - ok
13:21:02.0781 2088 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
13:21:02.0781 2088 Sparrow - ok
13:21:02.0812 2088 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:21:02.0828 2088 splitter - ok
13:21:02.0859 2088 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:21:02.0875 2088 Spooler - ok
13:21:02.0906 2088 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
13:21:02.0921 2088 sr - ok
13:21:02.0968 2088 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
13:21:02.0984 2088 srservice - ok
13:21:03.0031 2088 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:21:03.0046 2088 Srv - ok
13:21:03.0078 2088 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
13:21:03.0078 2088 sscdbhk5 - ok
13:21:03.0109 2088 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
13:21:03.0125 2088 SSDPSRV - ok
13:21:03.0156 2088 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
13:21:03.0156 2088 ssrtln - ok
13:21:03.0218 2088 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
13:21:03.0234 2088 stisvc - ok
13:21:03.0265 2088 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:21:03.0265 2088 swenum - ok
13:21:03.0296 2088 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:21:03.0312 2088 swmidi - ok
13:21:03.0312 2088 SwPrv - ok
13:21:03.0359 2088 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
13:21:03.0359 2088 symc810 - ok
13:21:03.0390 2088 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
13:21:03.0390 2088 symc8xx - ok
13:21:03.0406 2088 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
13:21:03.0406 2088 sym_hi - ok
13:21:03.0421 2088 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
13:21:03.0421 2088 sym_u3 - ok
13:21:03.0453 2088 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:21:03.0453 2088 sysaudio - ok
13:21:03.0515 2088 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
13:21:03.0546 2088 SysmonLog - ok
13:21:03.0593 2088 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
13:21:03.0609 2088 TapiSrv - ok
13:21:03.0656 2088 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:21:03.0671 2088 Tcpip - ok
13:21:03.0703 2088 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:21:03.0703 2088 TDPIPE - ok
13:21:03.0734 2088 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:21:03.0750 2088 TDTCP - ok
13:21:03.0812 2088 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:21:03.0812 2088 TermDD - ok
13:21:03.0859 2088 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
13:21:03.0890 2088 TermService - ok
13:21:03.0953 2088 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
13:21:04.0015 2088 tfsnboio - ok
13:21:04.0031 2088 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
13:21:04.0078 2088 tfsncofs - ok
13:21:04.0093 2088 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
13:21:04.0109 2088 tfsndrct - ok
13:21:04.0140 2088 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
13:21:04.0187 2088 tfsndres - ok
13:21:04.0218 2088 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
13:21:04.0296 2088 tfsnifs - ok
13:21:04.0328 2088 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
13:21:04.0359 2088 tfsnopio - ok
13:21:04.0375 2088 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
13:21:04.0406 2088 tfsnpool - ok
13:21:04.0468 2088 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
13:21:04.0562 2088 tfsnudf - ok
13:21:04.0593 2088 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
13:21:04.0656 2088 tfsnudfa - ok
13:21:04.0703 2088 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:21:04.0703 2088 Themes - ok
13:21:04.0781 2088 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
13:21:04.0781 2088 TosIde - ok
13:21:04.0828 2088 TPkd (f3e2bde812bccd6f58751affe43269f0) C:\WINDOWS\system32\drivers\TPkd.sys
13:21:04.0828 2088 TPkd - ok
13:21:04.0875 2088 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
13:21:04.0890 2088 TrkWks - ok
13:21:04.0921 2088 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:21:04.0937 2088 Udfs - ok
13:21:04.0968 2088 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
13:21:04.0984 2088 ultra - ok
13:21:05.0031 2088 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:21:05.0046 2088 Update - ok
13:21:05.0093 2088 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
13:21:05.0109 2088 upnphost - ok
13:21:05.0156 2088 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
13:21:05.0156 2088 UPS - ok
13:21:05.0203 2088 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:21:05.0218 2088 usbccgp - ok
13:21:05.0250 2088 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:21:05.0250 2088 usbehci - ok
13:21:05.0281 2088 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:21:05.0281 2088 usbhub - ok
13:21:05.0328 2088 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:21:05.0328 2088 usbprint - ok
13:21:05.0343 2088 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:21:05.0343 2088 usbscan - ok
13:21:05.0390 2088 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:21:05.0406 2088 USBSTOR - ok
13:21:05.0437 2088 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:21:05.0437 2088 usbuhci - ok
13:21:05.0468 2088 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:21:05.0468 2088 VgaSave - ok
13:21:05.0500 2088 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
13:21:05.0515 2088 viaagp - ok
13:21:05.0546 2088 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
13:21:05.0546 2088 ViaIde - ok
13:21:05.0640 2088 Viewpoint Manager Service (d622530829e35d75526a814375eebcfd) C:\Program Files\Viewpoint\Common\ViewpointService.exe
13:21:05.0781 2088 Viewpoint Manager Service - ok
13:21:05.0828 2088 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
13:21:05.0843 2088 VolSnap - ok
13:21:05.0890 2088 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
13:21:05.0937 2088 VSS - ok
13:21:05.0968 2088 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
13:21:05.0984 2088 w32time - ok
13:21:06.0015 2088 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:21:06.0015 2088 Wanarp - ok
13:21:06.0078 2088 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
13:21:06.0078 2088 wanatw - ok
13:21:06.0093 2088 WDICA - ok
13:21:06.0109 2088 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:21:06.0125 2088 wdmaud - ok
13:21:06.0156 2088 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
13:21:06.0171 2088 WebClient - ok
13:21:06.0250 2088 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:21:06.0250 2088 winmgmt - ok
13:21:06.0296 2088 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
13:21:06.0312 2088 WmdmPmSN - ok
13:21:06.0390 2088 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:21:06.0453 2088 WmiApSrv - ok
13:21:06.0625 2088 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
13:21:06.0656 2088 WMPNetworkSvc - ok
13:21:06.0843 2088 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:21:06.0843 2088 WS2IFSL - ok
13:21:06.0890 2088 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:21:06.0890 2088 WudfPf - ok
13:21:06.0921 2088 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:21:06.0937 2088 WudfRd - ok
13:21:06.0968 2088 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:21:07.0031 2088 WudfSvc - ok
13:21:07.0093 2088 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
13:21:07.0140 2088 WZCSVC - ok
13:21:07.0218 2088 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
13:21:07.0281 2088 xmlprov - ok
13:21:07.0312 2088 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
13:21:07.0921 2088 \Device\Harddisk0\DR0 - ok
13:21:07.0968 2088 Boot (0x1200) (a00d79b7ddedc449fffa781bc93c6c4c) \Device\Harddisk0\DR0\Partition0
13:21:07.0968 2088 \Device\Harddisk0\DR0\Partition0 - ok
13:21:07.0968 2088 ============================================================
13:21:07.0968 2088 Scan finished
13:21:07.0968 2088 ============================================================
13:21:07.0984 3232 Detected object count: 0
13:21:07.0984 3232 Actual detected object count: 0

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-29 13:26:35
-----------------------------
13:26:35.828 OS Version: Windows 5.1.2600 Service Pack 3
13:26:35.843 Number of processors: 2 586 0x401
13:26:35.843 ComputerName: DH6HV171 UserName:
13:26:36.859 Initialize success
13:27:01.031 AVAST engine defs: 12072900
13:27:23.703 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:27:23.703 Disk 0 Vendor: Maxtor_6Y080L0 YAR41BW0 Size: 76293MB BusType: 3
13:27:23.718 Disk 0 MBR read successfully
13:27:23.734 Disk 0 MBR scan
13:27:23.921 Disk 0 unknown MBR code
13:27:23.953 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 47 MB offset 63
13:27:24.250 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 72943 MB offset 96390
13:27:24.375 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 3294 MB offset 149484825
13:27:24.515 Disk 0 scanning sectors +156232125
13:27:24.843 Disk 0 scanning C:\WINDOWS\system32\drivers
13:28:55.531 Service scanning
13:29:24.609 Service MpKsl31c4d4ac c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0FBBA066-CDC9-4DC3-BA36-AC7077722458}\MpKsl31c4d4ac.sys **LOCKED** 32
13:29:51.375 Modules scanning
13:30:36.234 Disk 0 trace - called modules:
13:30:36.265 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
13:30:36.265 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8338b030]
13:30:36.265 3 CLASSPNP.SYS[f8878fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x83388b00]
13:30:36.640 AVAST engine scan C:\WINDOWS
13:31:39.015 AVAST engine scan C:\WINDOWS\system32
13:40:23.328 AVAST engine scan C:\WINDOWS\system32\drivers
13:40:54.593 AVAST engine scan C:\Documents and Settings\Neal Lissack
14:05:41.218 AVAST engine scan C:\Documents and Settings\All Users
14:33:19.140 Scan finished successfully
14:34:41.687 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jen\Desktop\MBR.dat"
14:34:41.718 The log file has been saved successfully to "C:\Documents and Settings\Jen\Desktop\aswMBR2.txt"

Finally ESET Log

386\GTDownDE_87.ocx probably a variant of Win32/Adware.Agent.LCKGTSG application cleaned by deleting - quarantined

#4 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 29 July 2012 - 03:49 PM

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Documents and Settings\Jen\Local Settings\Application Data\{28130b53-756b-db51-a40b-8b41941ead15}
C:\Windows\Installer\{28130b53-756b-db51-a40b-8b41941ead15}

delete the folders

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 Jrgirl

  • Topic Starter
  • Members
  • 5 posts

Posted 29 July 2012 - 04:38 PM

I found and deleted both folders. Here are the logs you requested:

Mini
========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : DH6HV171

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : rochester.rr.com



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : rochester.rr.com

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-13-20-03-DC-37

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 69.205.114.43

Subnet Mask . . . . . . . . . . . : 255.255.248.0

Default Gateway . . . . . . . . . : 69.205.112.1

DHCP Server . . . . . . . . . . . : 10.109.32.1

DNS Servers . . . . . . . . . . . : 209.18.47.61

209.18.47.62

Lease Obtained. . . . . . . . . . : Sunday, July 29, 2012 5:01:15 PM

Lease Expires . . . . . . . . . . : Monday, July 30, 2012 2:35:11 AM

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.228.102, 74.125.228.103, 74.125.228.104, 74.125.228.105
74.125.228.110, 74.125.228.96, 74.125.228.97, 74.125.228.98, 74.125.228.99
74.125.228.100, 74.125.228.101



Pinging google.com [74.125.228.67] with 32 bytes of data:



Reply from 74.125.228.67: bytes=32 time=34ms TTL=54

Reply from 74.125.228.67: bytes=32 time=33ms TTL=54



Ping statistics for 74.125.228.67:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 33ms, Maximum = 34ms, Average = 33ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=93ms TTL=54

Reply from 72.30.38.140: bytes=32 time=181ms TTL=54



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 93ms, Maximum = 181ms, Average = 137ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 13 20 03 dc 37 ...... Intel® PRO/100 VE Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 69.205.112.1 69.205.114.43 20
69.205.112.0 255.255.248.0 69.205.114.43 69.205.114.43 20
69.205.114.43 255.255.255.255 127.0.0.1 127.0.0.1 20
69.255.255.255 255.255.255.255 69.205.114.43 69.205.114.43 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 69.205.114.43 69.205.114.43 20
255.255.255.255 255.255.255.255 69.205.114.43 69.205.114.43 1
Default Gateway: 69.205.112.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/29/2012 11:19:41 AM) (Source: Application Error) (User: )
Description: Faulting application dlbxmon.exe, version 1.196.0.0, faulting module unknown, version 0.0.0.0, fault address 0x0012fb84.
Processing media-specific event for [dlbxmon.exe!ws!]

Error: (07/29/2012 10:07:07 AM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.268, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]

Error: (07/29/2012 06:50:01 AM) (Source: Application Error) (User: )
Description: Faulting application dlbxmon.exe, version 1.196.0.0, faulting module unknown, version 0.0.0.0, fault address 0x0012fb84.
Processing media-specific event for [dlbxmon.exe!ws!]

Error: (07/29/2012 01:07:24 AM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.268, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]

Error: (07/28/2012 11:34:03 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.62.0.87, faulting module version.dll, version 5.1.2600.5512, fault address 0x00001ddc.
Processing media-specific event for [mbam.exe!ws!]

Error: (07/28/2012 09:18:46 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.62.0.87, faulting module version.dll, version 5.1.2600.5512, fault address 0x00001ddc.
Processing media-specific event for [mbam.exe!ws!]

Error: (07/28/2012 09:07:07 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.268, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]

Error: (07/28/2012 07:07:08 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.268, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]

Error: (07/28/2012 06:37:45 PM) (Source: Application Error) (User: )
Description: Faulting application dlbxmon.exe, version 1.196.0.0, faulting module unknown, version 0.0.0.0, fault address 0x0012fb84.
Processing media-specific event for [dlbxmon.exe!ws!]

Error: (07/28/2012 03:07:03 AM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.265, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]


System errors:
=============
Error: (07/29/2012 11:27:34 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.0.1526.01.131.599.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.8601.00x80070424The specified service does not exist as an installed service. 1%%852Default URL

Error: (07/29/2012 11:19:15 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/29/2012 06:59:34 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.0.1526.01.131.599.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.8601.00x80070424The specified service does not exist as an installed service. 1%%852Default URL

Error: (07/29/2012 06:50:29 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
abp480n5
adpu160m
agp440
agpCPQ
Aha154x
aic78u2
aic78xx
AliIde
alim1541
amdagp
amsint
asc
asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error: (07/29/2012 06:50:29 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/29/2012 02:15:39 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.0.1526.01.131.599.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.8601.00x80070424The specified service does not exist as an installed service. 1%%852Default URL

Error: (07/28/2012 06:46:06 PM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.0.1526.01.131.599.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.8601.00x80070424The specified service does not exist as an installed service. 1%%852Default URL

Error: (07/28/2012 06:37:12 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/28/2012 07:35:05 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.0.1526.01.131.599.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.8601.00x80070424The specified service does not exist as an installed service. 1%%852Default URL

Error: (07/28/2012 07:35:03 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.0.1526.01.131.599.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.8601.00x80070424The specified service does not exist as an installed service. 1%%852Default URL


Microsoft Office Sessions:
=========================
Error: (07/29/2012 11:19:41 AM) (Source: Application Error)(User: )
Description: dlbxmon.exe1.196.0.0unknown0.0.0.00012fb84

Error: (07/29/2012 10:07:07 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.3.300.268ntdll.dll5.1.2600.6055000113c0

Error: (07/29/2012 06:50:01 AM) (Source: Application Error)(User: )
Description: dlbxmon.exe1.196.0.0unknown0.0.0.00012fb84

Error: (07/29/2012 01:07:24 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.3.300.268ntdll.dll5.1.2600.6055000113c0

Error: (07/28/2012 11:34:03 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.87version.dll5.1.2600.551200001ddc

Error: (07/28/2012 09:18:46 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.87version.dll5.1.2600.551200001ddc

Error: (07/28/2012 09:07:07 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.3.300.268ntdll.dll5.1.2600.6055000113c0

Error: (07/28/2012 07:07:08 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.3.300.268ntdll.dll5.1.2600.6055000113c0

Error: (07/28/2012 06:37:45 PM) (Source: Application Error)(User: )
Description: dlbxmon.exe1.196.0.0unknown0.0.0.00012fb84

Error: (07/28/2012 03:07:03 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.3.300.265ntdll.dll5.1.2600.6055000113c0


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 6.1.1)
4500_G510af_Help (Version: 000.0.439.000)
4500G510af (Version: 000.0.423.000)
4500G510af_Software_Min (Version: 000.0.423.000)
ABBYY FineReader 6.0 Sprint Plus (Version: 6.00.1224.4165)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Reader 7.0 (Version: 7.0.0)
BufferChm (Version: 130.0.331.000)
Coupon Printer for Windows (Version: 5.0.0.1)
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell System Restore (Version: 2.00.0000)
DellSupport (Version: 6.0.3062)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DocMgr (Version: 130.0.000.000)
DocProc (Version: 13.0.0.0)
Download Updater (AOL LLC)
ESET Online Scanner v3
Fax (Version: 130.0.418.000)
Google Chrome (Version: 20.0.1132.57)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet 4500 G510a-f (Version: 13.0)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Internet Explorer Default Page (Version: 1.00.03)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Jasc Paint Shop Pro 8 Dell Edition (Version: 8.10.0000)
Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Joy of Cooking
Learn2 Player (Uninstall Only)
Macromedia Flash Player (Version: 7.0.19.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSN
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
My Way Search Assistant
My Way Search Assistant (Version: 1.0.256)
Napster Burn Engine (Version: 2.5.0000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PowerDVD 5.3
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
RealUpgrade 1.1 (Version: 1.1.0)
Scan (Version: 13.0.0.0)
Serif DrawPlus 3.0
Shop for HP Supplies (Version: 13.0)
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
Sonic DLA (Version: 4.95)
Sonic MyDVD SlideShow (Version: 5.2.3)
Sonic RecordNow! (Version: 7.3)
Sonic Update Manager (Version: 2.9)
Status (Version: 130.0.373.000)
TaxCut Premium 2006
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB976749) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 130.0.132.017)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0532.2)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows Resource Kit Tools - SubInAcl.exe (Version: 5.2.3790.1164)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 74%
Total physical RAM: 509.98 MB
Available physical RAM: 130.18 MB
Total Pagefile: 1244.75 MB
Available Pagefile: 779.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.25 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:71.23 GB) (Free:45.31 GB) NTFS

========================= Users: ========================================

User accounts for \\DH6HV171

Administrator Guest HelpAssistant
Jen SUPPORT_388945a0


**** End of log ****

Farbar Service Scanner Version: 26-07-2012
Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0700000004000000010000000200000003000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

# AdwCleaner v1.703 - Logfile created 07/29/2012 at 17:18:34
# Updated 20/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jen - DH6HV171
# Running from : C:\Documents and Settings\Jen\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\Jen\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Jen\Local Settings\Application Data\ConduitEngine
Folder Deleted : C:\Documents and Settings\Jen\Local Settings\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Jen\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\ConduitEngine
Deleted on reboot : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Common Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\VWPT
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Jen\Application Data\Mozilla\Firefox\Profiles\ure0gtn6.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\Administrator.DH6HV171\Application Data\Mozilla\Firefox\Profiles\ma8svtaa.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Documents and Settings\Jen\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",
Deleted : "path": "C:\\Program Files\\Viewpoint\\Viewpoint Experience Technology\\npViewpoint.dll",

*************************

AdwCleaner[S1].txt - [5104 octets] - [29/07/2012 17:18:34]

########## EOF - C:\AdwCleaner[S1].txt - [5232 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:46 AM

Posted 29 July 2012 - 05:52 PM

Download

Sharedaccess
wscsvc
BITS
wuauserv

Launch them, click YES

Restart the PC, post the new FSS log

#7 Jrgirl


Posted 29 July 2012 - 06:09 PM

I completed the next set of steps. Here is the new FSS log

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall value. The value does not exist.
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall value. The value does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0700000004000000010000000200000003000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

#8 narenxp


Posted 29 July 2012 - 06:14 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your flash player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 Jrgirl


Posted 29 July 2012 - 08:03 PM

Thank you sooo very much for all of your help!! I really appreciate it!!

I do have one last question.... I have downloaded the TFC and I am logged in as the admin. I click start and nothing happens, eventually I am told that TFC is not responding. It seems like the last program that TFC tries to close is MSE, the MSE box telling me I'm at risk doesn't completely close. Is it possible that the two are conflicting?

#10 narenxp


Posted 29 July 2012 - 08:48 PM

Run TFC in Safe Mode



