
Windows Security Center not working


12 replies to this topic

#1 bobmaluga

  • Members
  • 72 posts

Posted 02 August 2012 - 07:34 PM

Hi and thanks.
My operating system is Windows XP Home Edition Version 2002 Service Pack 3.
I use IE and Firefox. Also, I don't have the Windows CD anymore.

I got the Live Security Platinum virus and I used Malwarebytes Chameleon like the Malwarebytes site said to. It got rid of it according to the second mbam scan, but I am still getting redirected away from the BleepingComputer.com site and maybe others. Also, after the removal my Windows Security Center says "The Security Center is currently unavailable because the "Security Center" service has not started or was stopped. Please close this window, restart the computer (or start the "Security Center" service), and then open the Security Center again." and the little Security Center emblem on the taskbar is missing.

Plus I can't open Windows Firewall; it gives me the message "Due to an unidentified problem, Windows cannot display Windows Firewall settings."

Hope you can help. Thanks again.



#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 02 August 2012 - 07:41 PM

Download TDSSkiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on List of found threats.

Export the list to the desktop, then copy the contents of the text file into your reply.

#3 bobmaluga

  • Topic Starter
  • Members
  • 72 posts

Posted 02 August 2012 - 10:30 PM

You didn't tell me to quarantine what it found, so I chose skip. I'm dumb about this stuff.


23:04:11.0875 3532 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
23:04:12.0250 3532 ============================================================
23:04:12.0250 3532 Current date / time: 2012/08/02 23:04:12.0250
23:04:12.0250 3532 SystemInfo:
23:04:12.0250 3532
23:04:12.0250 3532 OS Version: 5.1.2600 ServicePack: 3.0
23:04:12.0250 3532 Product type: Workstation
23:04:12.0250 3532 ComputerName: JAMES-APE5PO8SH
23:04:12.0250 3532 UserName: James n
23:04:12.0250 3532 Windows directory: C:\WINDOWS
23:04:12.0250 3532 System windows directory: C:\WINDOWS
23:04:12.0250 3532 Processor architecture: Intel x86
23:04:12.0250 3532 Number of processors: 1
23:04:12.0250 3532 Page size: 0x1000
23:04:12.0250 3532 Boot type: Normal boot
23:04:12.0250 3532 ============================================================
23:04:14.0750 3532 Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:04:14.0781 3532 Drive \Device\Harddisk1\DR1 - Size: 0x951CC0000 (37.28 Gb), SectorSize: 0x200, Cylinders: 0x1432, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
23:04:14.0812 3532 ============================================================
23:04:14.0812 3532 \Device\Harddisk0\DR0:
23:04:14.0812 3532 MBR partitions:
23:04:14.0812 3532 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
23:04:14.0812 3532 \Device\Harddisk1\DR1:
23:04:14.0812 3532 MBR partitions:
23:04:14.0812 3532 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2ABD501
23:04:14.0843 3532 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x2ABD57F, BlocksNum 0x1FCF3A1
23:04:14.0843 3532 ============================================================
23:04:14.0890 3532 C: <-> \Device\Harddisk0\DR0\Partition0
23:04:14.0937 3532 F: <-> \Device\Harddisk1\DR1\Partition0
23:04:15.0015 3532 G: <-> \Device\Harddisk1\DR1\Partition1
23:04:15.0015 3532 ============================================================
23:04:15.0015 3532 Initialize success
23:04:15.0015 3532 ============================================================
23:07:23.0687 3152 ============================================================
23:07:23.0687 3152 Scan started
23:07:23.0687 3152 Mode: Manual; TDLFS;
23:07:23.0687 3152 ============================================================
23:07:49.0281 3152 sptd (f42efefb765235f24b24e1d2b6f99f46) C:\WINDOWS\System32\Drivers\sptd.sys
23:07:49.0281 3152 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: f42efefb765235f24b24e1d2b6f99f46
23:07:49.0281 3152 sptd ( LockedFile.Multi.Generic ) - warning
23:07:49.0281 3152 sptd - detected LockedFile.Multi.Generic (1)
23:07:58.0109 3152 ============================================================
23:07:58.0109 3152 Scan finished
23:07:58.0109 3152 ============================================================
23:07:58.0218 3352 Detected object count: 1
23:07:58.0218 3352 Actual detected object count: 1
23:09:43.0609 3352 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:09:43.0609 3352 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

#4 bobmaluga

Posted 03 August 2012 - 07:16 PM

I need to know if I should run TDSSKiller again and click Quarantine, or go on to the next steps. Sorry, not trying to be pushy.

thanks

#5 narenxp

Posted 03 August 2012 - 07:18 PM

Skip it and continue

#6 bobmaluga

Posted 03 August 2012 - 10:07 PM

Hi, here are the aswMBR and ESET scans.


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-03 20:26:09
-----------------------------
20:26:09.515 OS Version: Windows 5.1.2600 Service Pack 3
20:26:09.515 Number of processors: 1 586 0x209
20:26:09.515 ComputerName: JAMES-APE5PO8SH UserName: James n
20:26:10.031 Initialize success
20:36:34.296 AVAST engine defs: 12080301
20:37:11.046 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
20:37:11.046 Disk 0 Vendor: WDC_WD400BB-00DEA0 05.03E05 Size: 38166MB BusType: 3
20:37:11.046 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
20:37:11.046 Disk 1 Vendor: QUANTUM_FIREBALLlct20_40 APL.0900 Size: 38172MB BusType: 3
20:37:11.062 Disk 0 MBR read successfully
20:37:11.078 Disk 0 MBR scan
20:37:11.125 Disk 0 Windows XP default MBR code
20:37:11.125 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38154 MB offset 63
20:37:11.140 Disk 0 scanning sectors +78140160
20:37:11.218 Disk 0 scanning C:\WINDOWS\system32\drivers
20:37:29.468 Service scanning
20:37:45.890 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
20:37:51.984 Modules scanning
20:38:14.984 Disk 0 trace - called modules:
20:38:15.015 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync04.sys atapi.sys sptd.sys viaide.sys PCIIDEX.SYS
20:38:15.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b74ab8]
20:38:15.015 3 CLASSPNP.SYS[f788efd7] -> nt!IofCallDriver -> \Device\0000006e[0x86bca1c0]
20:38:15.015 5 ACPI.sys[f76f5620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86babd98]
20:38:15.031 \Driver\atapi[0x86b781a0] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> sfsync04.sys[0xf76cda7c]
20:38:15.375 AVAST engine scan C:\WINDOWS
20:38:31.718 AVAST engine scan C:\WINDOWS\system32
20:38:44.750 File: C:\WINDOWS\system32\cmddown.dll **INFECTED** Win32:Downloader-PVL [Trj]
20:42:44.765 AVAST engine scan C:\WINDOWS\system32\drivers
20:43:10.234 AVAST engine scan C:\Documents and Settings\James n
21:12:49.500 AVAST engine scan C:\Documents and Settings\All Users
21:14:56.843 Scan finished successfully
21:15:54.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\James n\Desktop\MBR.dat"
21:15:54.093 The log file has been saved successfully to "C:\Documents and Settings\James n\Desktop\aswMBR.txt"




C:\WINDOWS\Installer\{c6386137-85d1-9ce4-7249-d6d93a4a0b1e}\U\80000000.@ a variant of Win32/Sirefef.FA trojan cleaned by deleting - quarantined
C:\WINDOWS\system32\cmddown.dll Win32/PSW.Papras.CE trojan cleaned by deleting (after the next restart) - quarantined
F:\Cheats For Games\true crimes la\True_Crime_trn.exe probably a variant of Win32/Agent.CSOTSCW trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/PSW.Papras.CE trojan

#7 narenxp

Posted 04 August 2012 - 05:35 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on Show Results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#8 bobmaluga

Posted 04 August 2012 - 02:03 PM

Hi
The full scan and normal scan with MBAM were clean.
Here are the logs you asked for. Thanks again.


MiniToolBox by Farbar Version: 23-07-2012
Ran by James n (administrator) on 04-08-2012 at 14:25:57
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 activate.adobe.com
127.0.0.1 localhost
127.0.0.1 activate.adobe.com

========================= IP Configuration: ================================

VIA Rhine II Fast Ethernet Adapter = Local Area Connection (Disconnected)
SMC EZ Card 10/100 PCI (SMC1211TX) = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : james-ape5po8sh

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : zoominternet.net



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : zoominternet.net

Description . . . . . . . . . . . : SMC EZ Card 10/100 PCI (SMC1211TX) #2

Physical Address. . . . . . . . . : 00-10-B5-F4-75-68

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.11

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 24.154.1.68

24.154.1.7

Lease Obtained. . . . . . . . . . : Saturday, August 04, 2012 2:08:12 PM

Lease Expires . . . . . . . . . . : Saturday, August 04, 2012 3:08:12 PM

Server: dns-8.zoominternet.net
Address: 24.154.1.68

Name: google.com.zoominternet.net
Addresses: 66.152.109.102, 69.16.143.102



Pinging google.com [74.125.225.35] with 32 bytes of data:



Reply from 74.125.225.35: bytes=32 time=49ms TTL=52

Reply from 74.125.225.35: bytes=32 time=41ms TTL=52



Ping statistics for 74.125.225.35:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 41ms, Maximum = 49ms, Average = 45ms

Server: dns-8.zoominternet.net
Address: 24.154.1.68

Name: yahoo.com.zoominternet.net
Addresses: 66.152.109.102, 69.16.143.102



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=71ms TTL=48

Reply from 209.191.122.70: bytes=32 time=76ms TTL=48



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 71ms, Maximum = 76ms, Average = 73ms

Server: dns-8.zoominternet.net
Address: 24.154.1.68

Name: bleepingcomputer.com.zoominternet.net
Addresses: 66.152.109.102, 69.16.143.102



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 10 b5 f4 75 68 ...... SMC EZ Card 10/100 PCI (SMC1211TX) #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.11 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.11 192.168.0.11 20
192.168.0.11 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.11 192.168.0.11 20
224.0.0.0 240.0.0.0 192.168.0.11 192.168.0.11 20
255.255.255.255 255.255.255.255 192.168.0.11 192.168.0.11 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/04/2012 02:08:52 PM) (Source: nview_info) (User: )
Description: NVIEW : Explorer: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event

Error: (08/04/2012 02:08:45 PM) (Source: nview_info) (User: )
Description: NVIEW : hcenter: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event

Error: (08/04/2012 02:08:41 PM) (Source: nview_info) (User: )
Description: NVIEW : verclsid: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event

Error: (08/04/2012 11:40:59 AM) (Source: nview_info) (User: )
Description: NVIEW : Explorer: Mutex Recovery on THREAD_DETACH! - Info:PID:618, TID:290, Name:C:\WINDOWS\Explorer.EXE - NView (and Mutexes) are now enabled again.

Error: (08/04/2012 11:40:59 AM) (Source: nview_info) (User: )
Description: NVIEW : avgnt: Mutex Recovery Code - app released the mutex - back to normal operation.

Error: (08/04/2012 11:40:58 AM) (Source: nview_info) (User: )
Description: NVIEW : avgnt: WAIT_TIMEOUT, LAST SUCCESS: (thread 0x750) (cmdName:avgnt.exe) WindowManager.cpp 3395

Error: (08/04/2012 11:40:58 AM) (Source: nview_info) (User: )
Description: NVIEW : avgnt: Mutex Recovery Code - after 5 seconds, mutex still stuck. NView (and Mutexes) are now disabled.

Error: (08/04/2012 11:40:58 AM) (Source: nview_info) (User: )
Description: NVIEW : rundll32: WAIT_TIMEOUT, LAST SUCCESS: (thread 0x750) (cmdName:rundll32.exe) WindowManager.cpp 3395

Error: (08/04/2012 11:40:58 AM) (Source: nview_info) (User: )
Description: NVIEW : avgnt: WAIT_TIMEOUT, LAST SUCCESS: (thread 0x750) (cmdName:avgnt.exe) WindowManager.cpp 3395

Error: (08/04/2012 11:40:58 AM) (Source: nview_info) (User: )
Description: NVIEW : avgnt: WAIT_TIMEOUT, LAST SUCCESS: (tid: 0x750) (pid: 0x74c)


System errors:
=============
Error: (08/04/2012 02:09:38 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/04/2012 02:09:38 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (08/04/2012 11:41:46 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/04/2012 11:41:46 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (08/03/2012 08:23:25 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/03/2012 08:23:25 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 10 service to connect.

Error: (08/03/2012 08:23:25 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (08/02/2012 00:11:44 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/02/2012 00:11:44 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 10 service to connect.

Error: (08/02/2012 00:11:44 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (08/04/2012 02:08:52 PM) (Source: nview_info)(User: )
Description: NVIEW : Explorer: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event

Error: (08/04/2012 02:08:45 PM) (Source: nview_info)(User: )
Description: NVIEW : hcenter: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event

Error: (08/04/2012 02:08:41 PM) (Source: nview_info)(User: )
Description: NVIEW : verclsid: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event

Error: (08/04/2012 11:40:59 AM) (Source: nview_info)(User: )
Description: NVIEW : Explorer: Mutex Recovery on THREAD_DETACH! - Info:PID:618, TID:290, Name:C:\WINDOWS\Explorer.EXE - NView (and Mutexes) are now enabled again.

Error: (08/04/2012 11:40:59 AM) (Source: nview_info)(User: )
Description: NVIEW : avgnt: Mutex Recovery Code - app released the mutex - back to normal operation.

Error: (08/04/2012 11:40:58 AM) (Source: nview_info)(User: )
Description: NVIEW : avgnt: WAIT_TIMEOUT, LAST SUCCESS: (thread 0x750) (cmdName:avgnt.exe) WindowManager.cpp 3395

Error: (08/04/2012 11:40:58 AM) (Source: nview_info)(User: )
Description: NVIEW : avgnt: Mutex Recovery Code - after 5 seconds, mutex still stuck. NView (and Mutexes) are now disabled.

Error: (08/04/2012 11:40:58 AM) (Source: nview_info)(User: )
Description: NVIEW : rundll32: WAIT_TIMEOUT, LAST SUCCESS: (thread 0x750) (cmdName:rundll32.exe) WindowManager.cpp 3395

Error: (08/04/2012 11:40:58 AM) (Source: nview_info)(User: )
Description: NVIEW : avgnt: WAIT_TIMEOUT, LAST SUCCESS: (thread 0x750) (cmdName:avgnt.exe) WindowManager.cpp 3395

Error: (08/04/2012 11:40:58 AM) (Source: nview_info)(User: )
Description: NVIEW : avgnt: WAIT_TIMEOUT, LAST SUCCESS: (tid: 0x750) (pid: 0x74c)


=========================== Installed Programs ============================

µTorrent (Version: 1.8.2)
7-Zip 9.20
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.10)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Media Player (Version: 1.8)
Adobe Reader 9 (Version: 9.0.0)
Aeria Ignite (Version: 1.9.1511)
Akamai NetSession Interface
Autodesk 3ds Max 2010 32-bit (Version: 12.0)
Autodesk 3ds Max 2010 32-bit Components (Version: 12.0)
Autodesk 3ds Max 2010 Tutorials Files (Version: 12.0)
Autodesk Backburner 2008.1 (Version: 2008.1.1)
Autodesk FBX Plugin 2009.4 - 3ds Max 2010
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.704)
AviSynth 2.5
BellSouth FastAccess DSL Help Center
BellSouth Internet Security - Alert Manager 1.3.20 (Version: 1.3.20)
Call of Duty® 4 - Modern Warfare™ 1.6 Patch
Call of Duty® 4 - Modern Warfare™ 1.7 Patch
Canon CanoScan Toolbox 4.5
Cheat Engine 5.6.1
DAEMON Tools Lite (Version: 4.45.1.0236)
Direct Show Ogg Vorbis Filter (remove only)
DirectXInstallService (Version: 9.0.1)
EarthLink MDAC (Version: 2004.1.42.0)
East India Company v1.01 Update
EAX4 Unified Redist (Version: 4.001)
EMC 10 Content (Version: 1.0.015)
ESET Online Scanner v3
EVGA Display Driver (Version: 1.00.000)
Homeworld
HSP56 Modem Drivers
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Lernout & Hauspie TruVoice for Microsoft Agent
MagicDisc 2.5.79
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Manual CanoScan 3200,3200F
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Game Studios Common Redistributables Pack 1 (Version: 1.0.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer (Version: 12.0.6219.1000)
Microsoft Office Excel Viewer 2003 (Version: 11.0.6412.0)
Microsoft Office PowerPoint Viewer 2003 (Version: 11.0.6458.0)
Microsoft Office Word Viewer 2003 (Version: 11.0.6506.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Media Video 9 VCM
Microsoft XML Parser (Version: 8.20.8730.4)
Microsoft XNA Framework Redistributable 1.0 Refresh (Version: 1.1.10405.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSSoap (Version: 2003.2.1.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
neroxml (Version: 1.0.0)
NVIDIA PhysX (Version: 9.09.0203)
OmniPage SE 2.0 (Version: 2.00.0000)
OpenAL
Orbit
PDF Settings CS5 (Version: 10.0)
PowerISO
ProSavageDDR and Utilities
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.1.0)
Roxio Central Audio (Version: 3.6.0)
Roxio Central Copy (Version: 3.6.0)
Roxio Central Core (Version: 3.6.0)
Roxio Central Data (Version: 3.6.0)
Roxio Central Tools (Version: 3.6.0)
Roxio CinePlayer (Version: 3.9)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Disc Gallery (Version: 3.1)
Roxio Easy Media Creator 10 Suite (Version: 1.0.044)
Roxio File Backup (Version: 1.1.0)
Roxio MediaShare (Version: 1.0.0)
Roxio Update Manager (Version: 6.0.0)
S3Display
S3Gamma2
S3Info2
S3Overlay
Shaiya
SmartSound Quicktracks Plugin (Version: 3.0.8.0)
Sonic MyDVD
Spider-Man® - Web of Shadows™ 1.1 Patch
SpywareBlaster v2.5.3
Stardock Central
SUPER © Version 2009.bld.35 (Jan 5, 2009) (Version: Version 2009.bld.35 (Jan 5, 2009))
SUPERAntiSpyware Free Edition (Version: 4.26.0.1000)
The Hulk™ (Version: 1.00.000)
Ubisoft Game Launcher (Version: 1.0.0.0)
Ulead DVD PictureShow 2 SE Basic (Version: 2.00.0225)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB973874) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VIA Audio Driver Setup Program
VIA Rhine-Family Fast Ethernet Adapter
Visual C++ Runtime for Dragon NaturallySpeaking (Version: 10.00.200.184)
VLC media player 1.1.7 (Version: 1.1.7)
VobSub v2.23 (Remove Only)
WebFldrs XP (Version: 9.50.6513)
Window Washer
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
XP Codec Pack

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 991.48 MB
Available physical RAM: 600.05 MB
Total Pagefile: 2386.71 MB
Available Pagefile: 2021.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.5 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.26 GB) (Free:10.1 GB) NTFS
5 Drive f: () (Fixed) (Total:21.37 GB) (Free:9.7 GB) NTFS
6 Drive g: (SYSTEM_SAV) (Fixed) (Total:15.9 GB) (Free:0.88 GB) NTFS

========================= Users: ========================================

User accounts for \\JAMES-APE5PO8SH

Administrator ASPNET Guest
HelpAssistant James n SUPPORT_388945a0


**** End of log ****



Farbar Service Scanner Version: 04-08-2012 01
Ran by James n (administrator) on 04-08-2012 at 14:34:23
Running from "C:\Documents and Settings\James n\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****


# AdwCleaner v1.800 - Logfile created 08/04/2012 at 14:38:52
# Updated 01/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : James n - JAMES-APE5PO8SH
# Running from : C:\Documents and Settings\James n\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\DOCUME~1\JAMESN~1\LOCALS~1\Temp\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Program Files\Viewpoint
File Deleted : C:\Documents and Settings\James n\Application Data\Mozilla\Firefox\Profiles\06lgyvcy.default\searchplugins\daemon-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Cheat Engine\OpenCandy
Key Deleted : HKLM\SOFTWARE\DT Soft
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\James n\Application Data\Mozilla\Firefox\Profiles\06lgyvcy.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1879 octets] - [04/08/2012 14:38:52]

########## EOF - C:\AdwCleaner[S1].txt - [2007 octets] ##########

#9 narenxp


Posted 05 August 2012 - 12:02 AM

Download

System look

Launch it and copy this script in the BOX
:filefind
{c6386137-85d1-9ce4-7249-d6d93a4a0b1e}

Click on LOOK, post the generated log

Download

Sharedaccess
wscsvc
BITS
wuauserv

Launch it, click YES

Restart the PC

Post the new FSS log

#10 bobmaluga

  • Topic Starter

Posted 05 August 2012 - 11:15 AM

Hi, after doing the last steps, my security shield is back on the taskbar,
and Windows Firewall asked if I wanted to keep blocking "Akamai Netsession client".
I clicked keep blocking, but I think it's for an MMORPG game, not sure.



SystemLook 30.07.11 by jpshortstuff
Log created at 11:36 on 05/08/2012 by James n
Administrator - Elevation successful

========== filefind ==========

Searching for "{c6386137-85d1-9ce4-7249-d6d93a4a0b1e}"
No files found.

-= EOF =-



Farbar Service Scanner Version: 04-08-2012 01
Ran by James n (administrator) on 05-08-2012 at 11:55:40
Running from "C:\Documents and Settings\James n\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****
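
The two Farbar Service Scanner logs in this thread differ only in the `ATTENTION!=====>` lines under each service heading. As an added example (not part of any post here and not Farbar's own code), this Python sketch parses that layout and reports which flagged services are clean after the repair; the function names and the shortened log excerpts are assumptions made for the illustration.

```python
import re

SERVICE_RE = re.compile(r"^(\S+) Service is not running\.")
CHECK_RE = re.compile(r"^Checking (Start type|ImagePath|ServiceDll): ATTENTION!=====> (.*)$")

def parse_fss(log_text):
    """Map each flagged service to its {check name: FSS message}."""
    findings, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        svc = SERVICE_RE.match(line)
        chk = CHECK_RE.match(line)
        if svc:
            current = svc.group(1)
            findings[current] = {}
        elif chk and current:
            findings[current][chk.group(1)] = chk.group(2)
        elif not line:
            current = None  # a blank line closes the service block
    return findings

def key_missing(checks):
    """True when FSS could not open the service's registry key at all."""
    return any("service key does not exist" in msg for msg in checks.values())

def compare(before, after):
    """Services flagged before the repair, split by whether they are still flagged."""
    b, a = parse_fss(before), parse_fss(after)
    return {"restored": sorted(set(b) - set(a)), "still_flagged": sorted(set(b) & set(a))}

# Shortened excerpts of the two FSS logs in this thread (BITS/wuauserv omitted).
BEFORE = """Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.

Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
"""
AFTER = """Windows Firewall:
=============

Security Center:
============
"""

if __name__ == "__main__":
    for name, checks in parse_fss(BEFORE).items():
        print(name, "key missing" if key_missing(checks) else "values missing", sorted(checks))
    print(compare(BEFORE, AFTER))
```
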

#11 narenxp


Posted 05 August 2012 - 12:36 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#12 bobmaluga

  • Topic Starter

Posted 05 August 2012 - 01:51 PM

Thank you so much for all your help. Everything seems to be running great :thumbsup:
I'm going to change my antivirus to avast.

#13 narenxp


Posted 05 August 2012 - 01:55 PM

You're most welcome :thumbsup:



