
Internet Explorer Hijacked


9 replies to this topic

#1 artharpster


Posted 06 August 2012 - 08:52 PM

Hello,


I am running Windows XP, service pack 3. I have Internet Explorer 8.

Yesterday, I noticed a 'humming' low sound when I opened IE. Today, I saw that my download manager came on when I opened my home page on IE, and it showed 2 files available for download:

hxxp://youvs.oakley.com/_assets/mp3/ambient.mp3

hxxp://youvs.oakley.com/_assets/flv/aura.flv

I went into the registry and deleted anything that had "youvs.oakley.com" associated with it and there were a number of entries. This didn't fix the problem.

I did a virus scan with Malwarebytes, SuperAntiSpyware and AVG and they all came up empty.

Any ideas to help me?

Thanks!

Edited by Orange Blossom, 07 August 2012 - 04:08 AM.
Deactivated links and moved from XP to AII. ~ OB




#2 narenxp


Posted 07 August 2012 - 08:57 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 artharpster


Posted 08 August 2012 - 12:11 PM

Thank you Narenxp. Much appreciated.

This is the first scan using TDSSkiller:

07:38:36.0859 6064 RasMan - ok
07:38:36.0875 6064 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:38:36.0875 6064 RasPppoe - ok
07:38:36.0875 6064 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
07:38:36.0875 6064 Raspti - ok
07:38:36.0890 6064 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:38:36.0890 6064 Rdbss - ok
07:38:36.0890 6064 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:38:36.0890 6064 RDPCDD - ok
07:38:36.0906 6064 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
07:38:36.0906 6064 rdpdr - ok
07:38:36.0953 6064 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
07:38:36.0953 6064 RDPWD - ok
07:38:36.0968 6064 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
07:38:36.0984 6064 RDSessMgr - ok
07:38:37.0015 6064 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
07:38:37.0015 6064 redbook - ok
07:38:37.0062 6064 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
07:38:37.0062 6064 RemoteAccess - ok
07:38:37.0109 6064 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
07:38:37.0109 6064 RemoteRegistry - ok
07:38:37.0140 6064 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
07:38:37.0140 6064 RpcLocator - ok
07:38:37.0203 6064 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
07:38:37.0203 6064 RpcSs - ok
07:38:37.0265 6064 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
07:38:37.0265 6064 RSVP - ok
07:38:37.0265 6064 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:38:37.0265 6064 SamSs - ok
07:38:37.0421 6064 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
07:38:37.0421 6064 SASDIFSV - ok
07:38:37.0437 6064 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
07:38:37.0437 6064 SASKUTIL - ok
07:38:37.0484 6064 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
07:38:37.0484 6064 SCardSvr - ok
07:38:37.0515 6064 SCDEmu (c23dbd9bfba8b1170706e0896b3cf7da) C:\WINDOWS\system32\drivers\SCDEmu.sys
07:38:37.0515 6064 SCDEmu - ok
07:38:37.0546 6064 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
07:38:37.0562 6064 Schedule - ok
07:38:37.0703 6064 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
07:38:37.0703 6064 SeagateDashboardService - ok
07:38:37.0718 6064 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:38:37.0718 6064 Secdrv - ok
07:38:37.0734 6064 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
07:38:37.0750 6064 seclogon - ok
07:38:37.0750 6064 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
07:38:37.0750 6064 SENS - ok
07:38:37.0750 6064 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
07:38:37.0750 6064 Serial - ok
07:38:37.0812 6064 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
07:38:37.0812 6064 Sfloppy - ok
07:38:37.0843 6064 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
07:38:37.0859 6064 SharedAccess - ok
07:38:37.0921 6064 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
07:38:37.0921 6064 ShellHWDetection - ok
07:38:37.0937 6064 Simbad - ok
07:38:38.0015 6064 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files\Skype\Updater\Updater.exe
07:38:38.0015 6064 SkypeUpdate - ok
07:38:38.0062 6064 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
07:38:38.0062 6064 SLIP - ok
07:38:38.0140 6064 Sony SCSI Helper Service (3bb48f7e33c2b76184ddf233000c09cd) C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
07:38:38.0140 6064 Sony SCSI Helper Service - ok
07:38:38.0156 6064 Sparrow - ok
07:38:38.0171 6064 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
07:38:38.0171 6064 splitter - ok
07:38:38.0203 6064 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
07:38:38.0218 6064 Spooler - ok
07:38:38.0250 6064 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
07:38:38.0250 6064 sr - ok
07:38:38.0296 6064 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
07:38:38.0312 6064 srservice - ok
07:38:38.0359 6064 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
07:38:38.0359 6064 Srv - ok
07:38:38.0375 6064 ssadbus (406776fe3c2b66796bac1a7afb9ac8a1) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
07:38:38.0390 6064 ssadbus - ok
07:38:38.0406 6064 ssadmdfl (b19532d015a5d295e2aa34bb521202cf) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
07:38:38.0406 6064 ssadmdfl - ok
07:38:38.0421 6064 ssadmdm (2aebf9108e6f435458b9499c27394da4) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
07:38:38.0421 6064 ssadmdm - ok
07:38:38.0468 6064 ssadserd (28f893c9b4e98dee5ae3c24db56b1b11) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
07:38:38.0468 6064 ssadserd - ok
07:38:38.0500 6064 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
07:38:38.0515 6064 SSDPSRV - ok
07:38:38.0546 6064 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
07:38:38.0562 6064 stisvc - ok
07:38:38.0578 6064 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
07:38:38.0578 6064 streamip - ok
07:38:38.0609 6064 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
07:38:38.0609 6064 swenum - ok
07:38:38.0734 6064 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
07:38:38.0734 6064 SwitchBoard - ok
07:38:38.0781 6064 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
07:38:38.0781 6064 swmidi - ok
07:38:38.0781 6064 SwPrv - ok
07:38:38.0796 6064 symc810 - ok
07:38:38.0796 6064 symc8xx - ok
07:38:38.0796 6064 sym_hi - ok
07:38:38.0812 6064 sym_u3 - ok
07:38:38.0828 6064 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
07:38:38.0828 6064 sysaudio - ok
07:38:38.0875 6064 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
07:38:38.0875 6064 SysmonLog - ok
07:38:38.0921 6064 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
07:38:38.0921 6064 TapiSrv - ok
07:38:39.0000 6064 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:38:39.0000 6064 Tcpip - ok
07:38:39.0031 6064 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
07:38:39.0031 6064 TDPIPE - ok
07:38:39.0078 6064 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
07:38:39.0078 6064 TDTCP - ok
07:38:39.0093 6064 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
07:38:39.0093 6064 TermDD - ok
07:38:39.0140 6064 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
07:38:39.0140 6064 TermService - ok
07:38:39.0203 6064 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
07:38:39.0203 6064 Themes - ok
07:38:39.0250 6064 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
07:38:39.0250 6064 TlntSvr - ok
07:38:39.0250 6064 TosIde - ok
07:38:39.0281 6064 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
07:38:39.0281 6064 TrkWks - ok
07:38:39.0453 6064 TuneUp.UtilitiesSvc (40234b24fcce742b0b74a38129ec138d) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
07:38:39.0500 6064 TuneUp.UtilitiesSvc - ok
07:38:39.0531 6064 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys
07:38:39.0531 6064 TuneUpUtilitiesDrv - ok
07:38:39.0656 6064 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
07:38:39.0656 6064 Udfs - ok
07:38:39.0656 6064 ultra - ok
07:38:39.0718 6064 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
07:38:39.0734 6064 Update - ok
07:38:39.0765 6064 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
07:38:39.0781 6064 upnphost - ok
07:38:39.0812 6064 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
07:38:39.0812 6064 UPS - ok
07:38:39.0875 6064 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
07:38:39.0875 6064 usbaudio - ok
07:38:39.0921 6064 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:38:39.0921 6064 usbccgp - ok
07:38:39.0937 6064 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:38:39.0937 6064 usbehci - ok
07:38:39.0937 6064 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:38:39.0937 6064 usbhub - ok
07:38:40.0000 6064 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:38:40.0000 6064 usbprint - ok
07:38:40.0046 6064 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:38:40.0046 6064 usbscan - ok
07:38:40.0062 6064 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:38:40.0062 6064 USBSTOR - ok
07:38:40.0125 6064 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
07:38:40.0125 6064 usbuhci - ok
07:38:40.0140 6064 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
07:38:40.0156 6064 usbvideo - ok
07:38:40.0171 6064 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
07:38:40.0171 6064 usb_rndisx - ok
07:38:40.0218 6064 UxTuneUp (677a6e9bb5c299b5b566a512d5c17534) C:\WINDOWS\System32\uxtuneup.dll
07:38:40.0218 6064 UxTuneUp - ok
07:38:40.0218 6064 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
07:38:40.0218 6064 VgaSave - ok
07:38:40.0218 6064 ViaIde - ok
07:38:40.0281 6064 VNUSB (ae01e1ed5a81e0d268b91b4a6de5a872) C:\WINDOWS\system32\DRIVERS\VNUSB.sys
07:38:40.0281 6064 VNUSB - ok
07:38:40.0312 6064 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
07:38:40.0312 6064 VolSnap - ok
07:38:40.0343 6064 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
07:38:40.0359 6064 VSS - ok
07:38:40.0546 6064 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
07:38:40.0562 6064 vToolbarUpdater11.2.0 - ok
07:38:40.0578 6064 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
07:38:40.0578 6064 W32Time - ok
07:38:40.0609 6064 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
07:38:40.0609 6064 Wanarp - ok
07:38:40.0656 6064 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
07:38:40.0656 6064 wceusbsh - ok
07:38:40.0703 6064 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
07:38:40.0750 6064 Wdf01000 - ok
07:38:40.0750 6064 WDICA - ok
07:38:40.0796 6064 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
07:38:40.0796 6064 wdmaud - ok
07:38:40.0843 6064 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
07:38:40.0859 6064 WebClient - ok
07:38:40.0984 6064 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
07:38:40.0984 6064 winmgmt - ok
07:38:41.0015 6064 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
07:38:41.0015 6064 WinUSB - ok
07:38:41.0062 6064 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
07:38:41.0062 6064 WmdmPmSN - ok
07:38:41.0140 6064 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
07:38:41.0156 6064 Wmi - ok
07:38:41.0187 6064 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
07:38:41.0187 6064 WmiApSrv - ok
07:38:41.0312 6064 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
07:38:41.0328 6064 WMPNetworkSvc - ok
07:38:41.0531 6064 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
07:38:41.0546 6064 WPFFontCache_v0400 - ok
07:38:41.0687 6064 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
07:38:41.0703 6064 wscsvc - ok
07:38:41.0703 6064 WSearch - ok
07:38:41.0781 6064 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
07:38:41.0781 6064 WSTCODEC - ok
07:38:41.0796 6064 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
07:38:41.0796 6064 wuauserv - ok
07:38:41.0828 6064 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
07:38:41.0828 6064 WudfPf - ok
07:38:41.0843 6064 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
07:38:41.0843 6064 WudfRd - ok
07:38:41.0890 6064 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
07:38:41.0890 6064 WudfSvc - ok
07:38:41.0953 6064 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
07:38:41.0953 6064 WZCSVC - ok
07:38:42.0000 6064 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
07:38:42.0015 6064 xmlprov - ok
07:38:42.0046 6064 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
07:38:42.0500 6064 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
07:38:42.0500 6064 \Device\Harddisk0\DR0 - detected TDSS File System (1)
07:38:42.0500 6064 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR3
07:38:42.0671 6064 \Device\Harddisk1\DR3 - ok
07:38:42.0671 6064 Boot (0x1200) (5cdab5eb157f0a681515ca93bf0175da) \Device\Harddisk0\DR0\Partition0
07:38:42.0671 6064 \Device\Harddisk0\DR0\Partition0 - ok
07:38:42.0671 6064 Boot (0x1200) (86fa015f297857cb252d3caa1dd4b83b) \Device\Harddisk1\DR3\Partition0
07:38:42.0687 6064 \Device\Harddisk1\DR3\Partition0 - ok
07:38:42.0687 6064 ============================================================
07:38:42.0687 6064 Scan finished
07:38:42.0687 6064 ============================================================
07:38:42.0687 6036 Detected object count: 1
07:38:42.0687 6036 Actual detected object count: 1
07:39:19.0546 6036 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
07:39:19.0546 6036 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
07:41:54.0421 4964 Deinitialize success


This is the 2nd scan using Avast:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-08 07:42:28
-----------------------------
07:42:28.234 OS Version: Windows 5.1.2600 Service Pack 3
07:42:28.234 Number of processors: 2 586 0xF0D
07:42:28.234 ComputerName: SUPERNAT-F2B3B3 UserName: Randy
07:42:29.281 Initialize success
07:43:40.703 AVAST engine defs: 12080800
07:43:59.421 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
07:43:59.421 Disk 0 Vendor: WDC_WD3200AAKS-75VYA0 12.01B02 Size: 305245MB BusType: 3
07:43:59.437 Disk 0 MBR read successfully
07:43:59.437 Disk 0 MBR scan
07:43:59.484 Disk 0 Windows XP default MBR code
07:43:59.484 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
07:43:59.515 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 305187 MB offset 96390
07:43:59.515 Disk 0 scanning sectors +625121280
07:43:59.609 Disk 0 scanning C:\WINDOWS\system32\drivers
07:44:12.656 Service scanning
07:44:32.859 Modules scanning
07:44:37.640 Disk 0 trace - called modules:
07:44:37.656 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
07:44:37.671 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aee1ab8]
07:44:37.671 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000078[0x8af2fcd8]
07:44:37.671 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8af17d98]
07:44:38.718 AVAST engine scan C:\WINDOWS
07:44:45.406 AVAST engine scan C:\WINDOWS\system32
07:47:59.562 AVAST engine scan C:\WINDOWS\system32\drivers
07:48:23.156 AVAST engine scan C:\Documents and Settings\Randy
08:51:27.936 AVAST engine scan C:\Documents and Settings\All Users
10:33:29.202 Scan finished successfully
10:48:32.514 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Randy\Desktop\MBR.dat"
10:48:32.545 The log file has been saved successfully to "C:\Documents and Settings\Randy\Desktop\aswMBR.txt"

The 3rd scan using ESET did not reveal anything.

#4 narenxp

Posted 08 August 2012 - 02:35 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Post the generated log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 artharpster

  • Topic Starter

Posted 12 August 2012 - 10:34 AM

Hi, sorry for the delay. The sound is no longer there. I had removed the Longtail video folder (JW Player) that housed the Conduit toolbar which I didn't like and the sound stopped. Coincidence? Anyway, continuing to post results of scans:


Malwarebytes:
Malwarebytes Anti-Malware (PRO) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.08.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Randy :: SUPERNAT-F2B3B3 [administrator]

Protection: Enabled

8/8/2012 5:42:14 PM
mbam-log-2012-08-08 (17-42-14).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 672936
Time elapsed: 3 hour(s), 30 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 13
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0092995.exe (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0093001.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0093008.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0093249.exe (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0093266.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0093272.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0093589.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0093595.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0093607.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0094514.exe (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0094520.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0094528.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{91D7D715-6BE0-46B2-9820-24FE9608BCCC}\RP374\A0094727.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.

(end)


_ _ _ _ _ _ _ _

Mini-Toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Randy (administrator) on 12-08-2012 at 10:40:13
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================






127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 secure.tune-up.com

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

Host Name . . . . . . . . . . . . : supernat-f2b3b3
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
Physical Address. . . . . . . . . : 00-1D-09-8C-46-04
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.6
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
Lease Obtained. . . . . . . . . . : Sunday, August 12, 2012 7:35:59 AM
Lease Expires . . . . . . . . . . : Monday, January 18, 2038 11:14:07 PM

Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.137.138, 74.125.137.102, 74.125.137.139, 74.125.137.100
74.125.137.113, 74.125.137.101

Pinging google.com [173.194.37.64] with 32 bytes of data:

Reply from 173.194.37.64: bytes=32 time=28ms TTL=54
Reply from 173.194.37.64: bytes=32 time=28ms TTL=54

Ping statistics for 173.194.37.64:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 28ms, Average = 28ms

Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=167ms TTL=49
Reply from 98.139.183.24: bytes=32 time=90ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 90ms, Maximum = 167ms, Average = 128ms

Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 09 8c 46 04 ...... Intel® 82562V-2 10/100 Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.6 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.2.6 192.168.2.6 20
192.168.2.0 255.255.255.0 192.168.2.6 192.168.2.6 20
192.168.2.6 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.2.255 255.255.255.255 192.168.2.6 192.168.2.6 20
224.0.0.0 240.0.0.0 192.168.2.6 192.168.2.6 20
255.255.255.255 255.255.255.255 192.168.2.6 192.168.2.6 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/21/2011 01:45:43 PM) (Source: MsiInstaller) (User: SUPERNAT-F2B3B3)SUPERNAT-F2B3B3
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:42 PM) (Source: MsiInstaller) (User: SUPERNAT-F2B3B3)SUPERNAT-F2B3B3
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:41 PM) (Source: MsiInstaller) (User: SUPERNAT-F2B3B3)SUPERNAT-F2B3B3
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:41 PM) (Source: MsiInstaller) (User: SUPERNAT-F2B3B3)SUPERNAT-F2B3B3
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:40 PM) (Source: MsiInstaller) (User: SUPERNAT-F2B3B3)SUPERNAT-F2B3B3
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:45:39 PM) (Source: MsiInstaller) (User: SUPERNAT-F2B3B3)SUPERNAT-F2B3B3
Description: Product: Adobe Photoshop Elements 10 -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:44:21 PM) (Source: MsiInstaller) (User: SUPERNAT-F2B3B3)SUPERNAT-F2B3B3
Description: Product: Adobe Photoshop Elements 10 -- Please install/uninstall the product using Setup.exe in the root folder.(NULL)(NULL)(NULL)(NULL)

Error: (11/21/2011 01:36:54 PM) (Source: Application Hang) (User: )
Description: Hanging application msiexec.exe, version 4.5.6001.22159, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/21/2011 01:22:11 PM) (Source: Application Hang) (User: )
Description: Hanging application CORE10k.EXE, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/17/2011 08:48:21 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x8424b48b.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (10/30/2011 11:51:39 AM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/29/2011 01:44:17 PM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 09:30:33 PM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 09:04:16 PM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 04:17:55 PM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 01:27:34 PM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/28/2011 09:50:05 AM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/27/2011 06:07:17 PM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/27/2011 03:18:42 PM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/27/2011 01:08:34 PM) (Source: DCOM) (User: SUPERNAT-F2B3B3)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (07/30/2012 02:10:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1217 seconds with 120 seconds of active time. This session ended with a crash.

Error: (07/01/2012 02:29:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/14/2012 10:16:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 43 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/07/2012 08:55:19 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/02/2012 09:24:41 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 48 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/02/2012 01:12:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 148 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/11/2011 05:05:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/22/2011 06:47:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/25/2011 00:06:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/25/2011 10:52:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 7.1.8)
3D Male Characters for The Logo Creator 6.0 (Version: 6.0)
7-Zip 9.20
AccmeWare FileBulldog Toolbar
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.3)
Adobe AIR (Version: 3.3.0.3650)
Adobe Audition CS5.5 (Version: 4.0)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Help Manager (Version: 4.0.244)
Adobe Photoshop Elements 10 (Version: 10.0)
Adobe Photoshop Elements 9 (Version: 9.0.3.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Akamai NetSession Interface
Amazon Kindle
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Antares Auto-Tune v4.39
AnyDVD (Version: 6.8.4.2)
AnySync (Version: 6.5)
AnyTime Organizer (Version: 13)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Atmosphere Deluxe v7.1
Audacity 1.2.6
Audiograbber 1.83 SE (Version: 1.83 SE )
Audiograbber MP3 Plugin (Version: 1.0)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.1913)
BenVista PhotoArtist 2.0.8 (Version: 2.0.8)
bl (Version: 1.0.0)
BoldChat v7.15 (Version: 7.15.4567)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.212.000)
C309g-m (Version: 140.0.690.000)
calibre (Version: 0.8.61)
CCleaner (Version: 3.21)
CCScore (Version: 8.02.0000.0001)
Cepstral Whispery 5.1.0 (Version: 5.1.0)
CloneDVD2 (Version: 2.9.2.8)
CoffeeCup Animation Studio
CoffeeCup Direct FTP (Version: 3.9.1995)
CoffeeCup Flash FireStarter
CoffeeCup Flash Menu Builder
CoffeeCup HTML Editor
CoffeeCup LockBox
CoffeeCup MP3 Rip & Burn
CoffeeCup Photo Gallery
CoffeeCup PixConverter
CoffeeCup Sitemapper
CoffeeCup Web Form Builder
CoffeeCup Web Form Builder (Version: 2.1.4462)
CoffeeCup Web Form Builder Lite (Version: 1.0.3033)
CoffeeCup Web Video Player
CoffeeCup Website Access Manager
CoffeeCup Website Color Schemer
ColorPic (Version: 4.1)
Cool MP3 Splitter 2.02
Defraggler (Version: 2.10)
Delete Duplicate Files 4.6
Dell Resource CD (Version: 1.00.0000)
Desktop Player (Version: 1.00.0000)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DFX for Windows Media Player (Version: 9.304.0.0)
Dragon NaturallySpeaking 11 (Version: 11.50.100)
Driver Genius Professional Edition (Version: 10.0)
Dropbox (Version: 1.4.9)
Edirol HQ Orchestral VSTi v1.03
Elements 10 Organizer (Version: 10.0)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
ESET Online Scanner v3
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.03.0000.0001)
ESScore (Version: 8.03.0000.0001)
ESSgui (Version: 8.03.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
Exact Audio Copy 1.0beta3 (Version: 1.0beta3)
FileHippo.com Update Checker
FileZilla Client 3.5.3 (Version: 3.5.3)
FinePrint (Version: 6.25)
Firebird SQL Server - MAGIX Edition (Version: 2.1.31.0)
Free Audio Recorder 6.5.6
Free M4a to MP3 Converter 7.0
GoodSync (Version: 8.7.6.6)
Google Chrome (Version: 21.0.1180.75)
Google Drive (Version: 1.3.3209.2688)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
GoToMeeting 4.8.0.723 (Version: 4.8.0.723)
GPBaseService2 (Version: 140.0.211.000)
Graffi's Splitter 10.1
Hal Text-to-Speech with NeoSpeech VoiceText (Version: 1.03.0000)
Horizons - 1.00.06
Horizons - 1.00.08
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Inkscape 0.48.2 (Version: 0.48.2)
Intel® Graphics Media Accelerator Driver (Version: 0.0.0.0000)
Intel® PRO Network Connections 12.1.12.0 (Version: )
Internet Download Manager
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 10.6.3.25)
iZotope Ozone 4 (Version: 4.00)
iZotope Vinyl (Version: 1.61)
j2 Messenger (Version: 4.4.0.515)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Kepler 7.0
Kindle PC Converter (Version: )
Kodak EasyShare software
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
LogoDesignSuite
LongTailVideo Toolbar (Version: 6.9.0.16)
Magic Bullet Quick Looks (for MAGIX) (Version: 1.0.0)
MAGIX Audio Cleaning Lab 16 deluxe Download Version (Version: 16.0.0.0)
MAGIX Movie Edit Pro 17 Plus (Version: 10.0.0.33)
MAGIX Movie Edit Pro 17 Plus Video Plugins (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium (Red Giant Magic Bullet Quick Looks) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium (Video Plugins) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Demo project) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Design elements) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Fade effects) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Individual menu templates) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Introductory videos) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Menu templates 1) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Menu templates 2) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (movie templates) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (NewBlueFX Light Blends) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (proDAD Adorage starter package) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (proDAD VitaScene 2 MAGIX Edition) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Slideshow Maker styles 1) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Slideshow Maker styles 2) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Soundtrack Maker styles) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (title effects) (Version: 1.0.0.0)
MAGIX Movie Edit Pro MX Premium Download Version (Version: 11.0.1.4)
MAGIX Music Maker 17 Premium (Demo songs) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Instrument package 1) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Instrument package 2) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Instrument package 3) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Introductory videos) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Sound package) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium (Synthesizer and effects) (Version: 1.0.0.0)
MAGIX Music Maker 17 Premium Download Version (Version: 17.0.0.16)
MAGIX Music Maker MX Production Suite Download Version (Demo songs) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 1) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 2) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 3) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 4) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 5) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 6) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Introductory videos) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Sound package) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Synthesizer and effects) (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (Version: 18.0.1.11)
MAGIX Music Maker MX Production Suite Download Version (Visuals) (Version: 1.0.0.0)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Speed 2 (MSI) (Version: 6.0.1.2)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27)
MAGIX Vita Solo Instruments (Century Keys) for MAGIX Music Maker 17 Premium Download Version (Version: 1.1.0.0)
MAGIX Vita Solo Instruments (Jazz Drums) for MAGIX Music Maker 17 Premium Download Version (Version: 1.1.0.0)
MAGIX Vita Solo Instruments (Saxophonia) for MAGIX Music Maker 17 Premium Download Version (Version: 1.1.0.0)
MAGIX Vita Solo Instruments (Space Pad) for MAGIX Music Maker 17 Premium Download Version (Version: 1.1.0.0)
MAGIX Vita Solo Instruments (Upright Bass) for MAGIX Music Maker 17 Premium Download Version (Version: 1.1.0.0)
MAGIX Vita Solo Instruments (Vibraphone) for MAGIX Music Maker 17 Premium Download Version (Version: 1.1.0.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 140.0.212.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft ActiveSync (Version: 4.5.5096.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Basic 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WinUsb 1.0
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mind Stereo 1.1.3
Mind Stereo Visualizations Pack 1.1.2
Mind WorkStation 1.3.4
Mind WorkStation Visualizations Pack 1.0
Mindjet MindManager 2012 (Version: 10.0.445)
MiniTool Partition Wizard Home Edition 7.5
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MP4/M4A Plugin (Free/GPL) 1.1, install for Neuro-Programmer 3
MP4/M4A Plugin (Free/GPL), install for Mind WorkStation 1.3.4
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MSXML 6.0 Parser (Version: 6.00.3883.15)
netbrdg (Version: 7.01.0000.0001)
Network (Version: 140.0.215.000)
Neuro-Programmer 2.5.4
Neuro-Programmer 3 Visualizations Pack 1.0
Neuro-Programmer 3.1.4
NewBlue 3D Explosions for Windows (Version: 1.4)
NewBlue 3D Transformations for Windows (Version: 1.4)
NewBlue Art Blends for Windows (Version: 2.4)
NewBlue Art Effects for Windows (Version: 2.4)
NewBlue Film Effects for Windows (Version: 1.4)
NewBlue Free Effects for Windows (Version: 1.4)
NewBlue Light Effects for Windows (Version: 1.4)
NewBlue Motion Blends for Windows (Version: 2.4)
NewBlue Motion Effects for Windows (Version: 2.4)
NewBlue Paint Blends for Windows (Version: 1.4)
NewBlue Paint Effects for Windows (Version: 1.4)
NewBlue Sampler Pack for Windows (Version: 1.4)
NewBlue Stabilizer for Windows (Version: 1.4)
NewBlue Video Essentials for Windows (Version: 1.4)
NewBlue Video Essentials II for Windows (Version: 1.4)
NewBlue Video Essentials III for Windows (Version: 1.4)
NewBlue Video Essentials IV for Windows (Version: 1.4)
OfotoXMI (Version: 8.03.0000.0001)
Olympus Digital Wave Player
palmOne (Version: 4.1.0420)
PDF-XChange 3
PDF Settings CS6 (Version: 11.0)
pdfFactory Pro (Version: 4.50)
Personal Numerologist 5.0.9 (Version: 5.0.9)
ph (Version: 1.0.0)
Picture Merge Genius 2.8.1
Power CD+G Filter
PowerISO
proDAD Adorage 3.0 (Version: 3.0.92)
proDAD Vitascene 2.0 (Version: 2.0.112)
PRS-500 USB driver (Version: 1.0.00.08110)
PS_AIO_06_C309g-m_SW_Min (Version: 140.0.690.000)
PSE10 STI Installer (Version: 10.0)
QuickTime (Version: 7.72.80.56)
QuickTransfer (Version: 140.0.98.000)
Reader Library by Sony (Version: 3.3.00.07130)
Realtek High Definition Audio Driver (Version: 5.10.0.5408)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0)
Scan (Version: 140.0.80.000)
Seagate Dashboard (Version: 1.1.0.1421)
SFR (Version: 8.01.0000.0001)
SHARM 4
SHASTA (Version: 7.01.0000.0001)
Shop for HP Supplies (Version: 14.0)
skin0001 (Version: 8.02.0000.0001)
SKINXSDK (Version: 8.02.0000.0001)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
SmartSound Common Data (Version: 1.1.0)
SmartSound Sonicfire Pro 5 (Version: 5.7.1)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
Sonarca Sound Recorder XiFi 3.8.3
Sothink Logo Maker (Version: 3.2)
Sothink SWF Decompiler (Version: 6.1)
Sothink SWF Quicker (Version: 4.0)
Sound Forge Pro 10.0 (Version: 10.0.368)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.6 (Version: 4.6.0)
staticcr (Version: 8.02.0000.0001)
Status (Version: 140.0.212.000)
Style Master 4.6 (Version: 4.6.0)
SUPERAntiSpyware (Version: 5.5.1006)
Switch Sound File Converter
swMSM (Version: 12.0.0.1)
TeamViewer 7 (Version: 7.0.12979)
Text-To-Speech-Runtime (Version: 1.0.0.0)
TextAloud 3.0 (Version: 3.0)
The Action Machine 3
The Flash Ad Creator v2
The Flash Ad Creator v2.6
The Logo Creator v5
The Logo Creator v5.2
Tinnitus Masker Deluxe 7.1
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
TuneUp Utilities 2011 (Version: 10.0.4320.13)
TuneUp Utilities Language Pack (en-GB) (Version: 10.0.4320.13)
Universal Extractor 1.6.1 (Version: 1.6.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking (Version: 11.0.0)
Visual Site Designer (Version: 7.0.76)
VLC media player 2.0.3 (Version: 2.0.3)
VPRINTOL (Version: 8.02.0000.0001)
VT-Bridget-M16-SAPI5 (Version: 3.11.1.0)
Weather Watcher Live (Version: Weather Watcher Live (Build: 9/28/11))
Web Calendar
Web Image Studio (Version: 1.1.3659)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 140.0.212.017)
Win*Star 2.05.05 Install
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080) (Version: 08/08/2006 1.0.03.08080)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
WinRAR archiver
WIRELESS (Version: 8.02.0000.0001)
WOW Love
Xara Designer Pro 6 (Version: 6.1.1.13205)
Xara Designer Pro 6 Content Pack (Version: 1.0.0.0)
Xara Designer Pro 7 (MAGIX PanoramaStudio 2) (Version: 1.3.0.0)
Xara Designer Pro 7 (Version: 7.1.1.17261)
Xara Designer Pro 7 Content Pack (Version: 1.9.0.0)
Xara Web Designer 7 (Version: 7.1.2.18332)
Xara Web Designer 7 Content Pack (Version: 1.0.2.0)
Xilisoft MP3 CD Burner 6 (Version: 6.2.0.0331)
Yahoo! Toolbar
YouSendIt Express (Version: 2.11.2)
YouSendIt Plug-in for Outlook (Version: 2.15.0)

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 3317.1 MB
Available physical RAM: 2267.98 MB
Total Pagefile: 5201.15 MB
Available Pagefile: 3969.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.02 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.04 GB) (Free:140.43 GB) NTFS
3 Drive e: (FreeAgent GoFlex Drive) (Fixed) (Total:1863.01 GB) (Free:478.56 GB) NTFS
4 Drive f: () (Removable) (Total:0.24 GB) (Free:0.12 GB) FAT

========================= Users: ========================================

User accounts for \\SUPERNAT-F2B3B3

Administrator ASPNET Guest
HelpAssistant Randy SUPPORT_388945a0


**** End of log ****

_ _ _ __ __ _ _ _

FSS

Farbar Service Scanner Version: 06-08-2012
Ran by Randy (administrator) on 12-08-2012 at 10:44:47
Running from "C:\Documents and Settings\Randy\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Avgfwfd(8) Avgtdix(9) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x09000000050000000100000002000000030000000400000008000000090000000600000007000000
IpSec Tag value is correct.

**** End of log ****

_ _ _ _ _ _ _ _ _


Adware Cleaner:

# AdwCleaner v1.800 - Logfile created 08/12/2012 at 10:51:53
# Updated 01/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Randy - SUPERNAT-F2B3B3
# Running from : C:\Documents and Settings\Randy\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : vToolbarUpdater11.2.0

***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\Randy\Local Settings\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Randy\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Randy\Local Settings\Application Data\LongTailVideo
Folder Deleted : C:\Documents and Settings\Randy\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\5eftda6s.default\extensions\avg@toolbar
Folder Deleted : C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\5eftda6s.default\extensions\staged
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\LongTailVideo
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\LongTailVideo
Key Deleted : HKCU\Software\Smartbar
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\LongTailVideo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LongTailVideo Toolbar
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\5eftda6s.default\prefs.js

C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\5eftda6s.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=drive&f=5");
Deleted : user_pref("extensions.facemoods.aflt", "drive");
Deleted : user_pref("extensions.facemoods.dfltSrch", false);
Deleted : user_pref("extensions.facemoods.dnsErr", false);
Deleted : user_pref("extensions.facemoods.firstRun", true);
Deleted : user_pref("extensions.facemoods.hmpg", false);
Deleted : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=drive");
Deleted : user_pref("extensions.facemoods.id", "e4ca6537000000000000001d098c4604");
Deleted : user_pref("extensions.facemoods.instlDay", "15323");
Deleted : user_pref("extensions.facemoods.mntz", "");
Deleted : user_pref("extensions.facemoods.newTab", false);
Deleted : user_pref("extensions.facemoods.prtnrId", "facemoods.com");
Deleted : user_pref("extensions.facemoods.searchProviderAdded", false);
Deleted : user_pref("extensions.facemoods.sid", "5e6bd601abc84ce49918d7459dc1c3e3");
Deleted : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=drive&f=3");
Deleted : user_pref("extensions.facemoods.vrsn", "1.4.17.11");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bd0f75153-167d-4308-b4cf-6e5a30d44ec8%[...]

-\\ Google Chrome v21.0.1180.75

File : C:\Documents and Settings\Randy\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted : "path": "C:\\Program Files\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\11.0.2\\\[...]

*************************

AdwCleaner[R1].txt - [8752 octets] - [12/08/2012 10:49:38]
AdwCleaner[R2].txt - [8812 octets] - [12/08/2012 10:51:46]
AdwCleaner[S1].txt - [9065 octets] - [12/08/2012 10:51:53]

########## EOF - C:\AdwCleaner[S1].txt - [9193 octets] ##########

That's it!

Thank you.

#6 narenxp

Posted 12 August 2012 - 10:40 AM

Any current issues?

Do you still have browser hijacks?

#7 artharpster

Posted 12 August 2012 - 11:01 AM

No NarenXP, the sound is gone and everything seems good!

Am I good to go?

#8 narenxp

Posted 12 August 2012 - 11:14 AM

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 artharpster

Posted 12 August 2012 - 03:07 PM

Hi,

The TFC program didn't seem to launch. I opened the program and the last thing the program said was that it was checking files or something. Nothing seemed to happen, the computer didn't seem to be engaged. I kept it on for 20 minutes and nothing changed. So I had to unplug the computer because it appeared frozen. Does it take a long time to work?

#10 narenxp

Posted 12 August 2012 - 09:39 PM

Can you try it in safe mode?



