
Constantly receiving “Malicious URL Blocked” Avast Pop Up Notifications?


10 replies to this topic

#1 toicy4ya

toicy4ya

  • Members
  • 40 posts

Posted 27 August 2012 - 06:18 AM

Hello Everyone,

For the past two days my computer has been acting funny. It is lagging, the desktop theme is slightly altered, and I have drop shadows on my desktop icons for no reason that I cannot change. Additionally I'm constantly receiving “Malicious URL Blocked” Avast Pop Up Notifications while visiting typical sites, gamespot, yahoo, etc.

When I receive the pop up it has a path file similar to C:\WINDOWS\system32\Winniet (don't quote me); the pop up only comes up for a few seconds so I couldn't record the exact path.

I ran Malwarebytes, SUPERantiSpyware and Avast scans on safe mode (no networking) but I'm still having the same issue.

Can someone offer any assistance?



#2 roelof1967

roelof1967

  • Members
  • 52 posts

Posted 27 August 2012 - 06:41 AM

Could you do this:

Download Xplode (by Xplode) on your desktop.

Launch it, click on [Delete] and wait for the scan.
When the scan ends, notepad with the report will appear.
The program will close all active programs. Click OK to confirm that.
On the next two windows that open (Informations and Restart required) click OK.

The computer will restart and open a notepad ( C:\AdwCleaner[S1].txt ) with the report.
Save the notepad report on the Desktop.
Please attach here C:\AdwCleaner[S1].txt

Roelof

Edited by roelof1967, 27 August 2012 - 06:43 AM.


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 27 August 2012 - 07:44 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#4 toicy4ya

toicy4ya
  • Topic Starter

  • Members
  • 40 posts

Posted 27 August 2012 - 04:52 PM

Thanks for your feedback. Please find the following results;

Xplode Results:
# AdwCleaner v1.801 - Logfile created 08/27/2012 at 15:42:20
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Noel - NOEL-MNR7BSKA4M
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Noel\Local Settings\Temporary Internet Files\Content.IE5\7EJGRLBI\adwcleaner[1].exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\DOCUME~1\Noel\LOCALS~1\Temp\OpenCandy
Folder Deleted : C:\Program Files\Red Kawa\Video Converter App\OpenCandy

***** [Registry] *****

***** [Registre - GUID] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [759 octets] - [27/08/2012 15:42:20]

########## EOF - C:\AdwCleaner[S1].txt - [886 octets] ##########


TDSSKiller Results:
15:48:34.0390 3912 [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:48:34.0406 3912 stisvc - ok
15:48:34.0453 3912 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:48:34.0453 3912 swenum - ok
15:48:34.0468 3912 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:48:34.0468 3912 swmidi - ok
15:48:34.0468 3912 SwPrv - ok
15:48:34.0468 3912 symc810 - ok
15:48:34.0484 3912 symc8xx - ok
15:48:34.0484 3912 sym_hi - ok
15:48:34.0500 3912 sym_u3 - ok
15:48:34.0500 3912 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:48:34.0500 3912 sysaudio - ok
15:48:34.0515 3912 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:48:34.0531 3912 SysmonLog - ok
15:48:34.0578 3912 [ FB78839B36025AA286A51289ED28B73E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:48:34.0593 3912 TapiSrv - ok
15:48:34.0625 3912 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:48:34.0625 3912 Tcpip - ok
15:48:34.0656 3912 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:48:34.0671 3912 TDPIPE - ok
15:48:34.0671 3912 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:48:34.0671 3912 TDTCP - ok
15:48:34.0703 3912 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:48:34.0703 3912 TermDD - ok
15:48:34.0750 3912 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
15:48:34.0765 3912 TermService - ok
15:48:34.0781 3912 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:48:34.0796 3912 Themes - ok
15:48:34.0796 3912 TosIde - ok
15:48:34.0843 3912 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:48:34.0859 3912 TrkWks - ok
15:48:34.0859 3912 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:48:34.0859 3912 Udfs - ok
15:48:34.0875 3912 ultra - ok
15:48:34.0906 3912 [ CED744117E91BDC0BEB810F7D8608183 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:48:34.0906 3912 Update - ok
15:48:34.0921 3912 [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:48:34.0953 3912 upnphost - ok
15:48:34.0968 3912 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
15:48:34.0984 3912 UPS - ok
15:48:35.0000 3912 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
15:48:35.0015 3912 USBAAPL - ok
15:48:35.0031 3912 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
15:48:35.0031 3912 usbaudio - ok
15:48:35.0062 3912 [ 77B3C8F166A6E6F2E834737AB8CAC1CA ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:48:35.0062 3912 usbccgp - ok
15:48:35.0062 3912 USBCCID - ok
15:48:35.0093 3912 [ 4FFAEA1BD071A72DFB76519F5B1DA956 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:48:35.0109 3912 usbehci - ok
15:48:35.0109 3912 [ ACE960E54148821E8E48F5D191562C28 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:48:35.0109 3912 usbhub - ok
15:48:35.0140 3912 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:48:35.0140 3912 usbscan - ok
15:48:35.0171 3912 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:48:35.0171 3912 usbstor - ok
15:48:35.0203 3912 [ 1590742573FCAFDD9C837478EB1846A4 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:48:35.0203 3912 usbuhci - ok
15:48:35.0250 3912 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:48:35.0250 3912 VgaSave - ok
15:48:35.0250 3912 ViaIde - ok
15:48:35.0281 3912 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:48:35.0296 3912 VolSnap - ok
15:48:35.0328 3912 [ D658E49302C382B88C8E9A08E20B2E82 ] vsdatant C:\WINDOWS\system32\vsdatant.sys
15:48:35.0359 3912 vsdatant - ok
15:48:35.0390 3912 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
15:48:35.0421 3912 VSS - ok
15:48:35.0453 3912 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\System32\w32time.dll
15:48:35.0468 3912 W32Time - ok
15:48:35.0531 3912 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:48:35.0531 3912 Wanarp - ok
15:48:35.0562 3912 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
15:48:35.0578 3912 Wdf01000 - ok
15:48:35.0578 3912 WDICA - ok
15:48:35.0609 3912 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:48:35.0625 3912 wdmaud - ok
15:48:35.0656 3912 [ 265F534EF76832435AFBF771EC97176D ] WebClient C:\WINDOWS\System32\webclnt.dll
15:48:35.0671 3912 WebClient - ok
15:48:35.0718 3912 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:48:35.0734 3912 winmgmt - ok
15:48:35.0796 3912 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
15:48:35.0796 3912 WmdmPmSN - ok
15:48:35.0812 3912 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:48:35.0812 3912 WmiAcpi - ok
15:48:35.0843 3912 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
15:48:35.0859 3912 WmiApSrv - ok
15:48:36.0000 3912 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
15:48:36.0015 3912 WMPNetworkSvc - ok
15:48:36.0062 3912 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:48:36.0078 3912 wuauserv - ok
15:48:36.0140 3912 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:48:36.0140 3912 WudfPf - ok
15:48:36.0140 3912 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:48:36.0156 3912 WudfRd - ok
15:48:36.0187 3912 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:48:36.0203 3912 WudfSvc - ok
15:48:36.0234 3912 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:48:36.0265 3912 WZCSVC - ok
15:48:36.0296 3912 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:48:36.0312 3912 xmlprov - ok
15:48:36.0328 3912 yksvc - ok
15:48:36.0359 3912 [ 109B497D481490BE0A31C390FCE9BFFE ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
15:48:36.0359 3912 yukonwxp - ok
15:48:36.0375 3912 ================ Scan global ===============================
15:48:36.0406 3912 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
15:48:36.0453 3912 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
15:48:36.0468 3912 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
15:48:36.0500 3912 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
15:48:36.0515 3912 [Global] - ok
15:48:36.0515 3912 ================ Scan MBR ==================================
15:48:36.0531 3912 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:48:36.0531 3912 Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:48:36.0546 3912 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:48:36.0546 3912 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:48:36.0578 3912 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:48:36.0578 3912 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:48:36.0578 3912 ================ Scan VBR ==================================
15:48:36.0593 3912 [ FDBC45A418FFF205E1E6F1534FF37F73 ] \Device\Harddisk0\DR0\Partition1
15:48:36.0593 3912 \Device\Harddisk0\DR0\Partition1 - ok
15:48:36.0593 3912 ============================================================
15:48:36.0593 3912 Scan finished
15:48:36.0593 3912 ============================================================
15:48:36.0609 3736 Detected object count: 2
15:48:36.0609 3736 Actual detected object count: 2
15:49:14.0843 3736 \Device\Harddisk0\DR0\# - copied to quarantine
15:49:14.0859 3736 \Device\Harddisk0\DR0 - copied to quarantine
15:49:14.0890 3736 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
15:49:14.0906 3736 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
15:49:14.0953 3736 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
15:49:15.0015 3736 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:49:19.0015 3736 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:49:19.0156 3736 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
15:49:19.0171 3736 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
15:49:19.0171 3736 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
15:49:19.0187 3736 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:49:19.0312 3736 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:49:19.0406 3736 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
15:49:19.0421 3736 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
15:49:19.0562 3736 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
15:49:19.0562 3736 \Device\Harddisk0\DR0 - ok
15:49:19.0578 3736 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
15:49:19.0578 3736 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:49:19.0578 3736 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:49:26.0562 3244 Deinitialize success

aswMBR Results:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-27 16:01:22
-----------------------------
16:01:22.750 OS Version: Windows 5.1.2600 Service Pack 2
16:01:22.750 Number of processors: 2 586 0x170A
16:01:22.750 ComputerName: NOEL-MNR7BSKA4M UserName: Noel
16:01:23.578 Initialize success
16:01:23.703 AVAST engine defs: 12082700
16:02:01.359 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
16:02:01.359 Disk 0 Vendor: WDC_WD3200BEVT-75ZCT2 11.01A11 Size: 305245MB BusType: 3
16:02:01.406 Disk 0 MBR read successfully
16:02:01.406 Disk 0 MBR scan
16:02:01.406 Disk 0 Windows XP default MBR code
16:02:01.406 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305234 MB offset 63
16:02:01.406 Disk 0 scanning sectors +625121280
16:02:01.484 Disk 0 scanning C:\WINDOWS\system32\drivers
16:02:07.250 Service scanning
16:02:16.937 Modules scanning
16:02:22.156 Disk 0 trace - called modules:
16:02:22.171 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
16:02:22.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ace2ab8]
16:02:22.671 3 CLASSPNP.SYS[ba0e905b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8ad86b00]
16:02:23.468 AVAST engine scan C:\WINDOWS
16:02:56.828 AVAST engine scan C:\WINDOWS\system32
16:07:52.703 AVAST engine scan C:\WINDOWS\system32\drivers
16:08:19.687 AVAST engine scan C:\Documents and Settings\Noel
16:11:41.328 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Noel\Desktop\MBR.dat"
16:11:41.359 The log file has been saved successfully to "C:\Documents and Settings\Noel\Desktop\aswMBR.txt"

ESET Online Scanner:
C:\Documents and Settings\Noel\Local Settings\Temp\is1598539481\BuzzdockSetup-Silent.exe probably a variant of Win32/Adware.ECOHET application cleaned by deleting - quarantined
C:\Documents and Settings\Noel\My Documents\My Downloads\Windows Media Player 10\windows.7.codec.pack.v3.4.0.setup.exe probably a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.47.45\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.47.45\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.52.48\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.52.48\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.58.12\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.58.12\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.58.12\tdlfs0000\tsk0003.dta a variant of Win32/Rootkit.Kryptik.LA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.58.12\tdlfs0000\tsk0004.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.58.12\tdlfs0000\tsk0008.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\27.08.2012_15.58.12\tdlfs0000\tsk0009.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined

#5 narenxp

Posted 27 August 2012 - 10:06 PM

15:49:19.0578 3736 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

Run TDSSKiller again and DELETE this. Post the new log.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

post the generated log
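
The check made by eye at the top of this reply (finding the detection that was skipped instead of cured) can be scripted for long TDSSKiller logs. This is an added example, not part of the original post and not part of TDSSKiller; it assumes the line layout seen in the log posted in this thread, and `parse_findings` and `unresolved` are hypothetical helper names.

```python
import re

# Lines copied from the TDSSKiller log posted earlier in this thread.
SAMPLE_LOG = r"""
15:48:36.0515 3912 [Global] - ok
15:48:36.0531 3912 Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:48:36.0546 3912 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:48:36.0546 3912 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:48:36.0578 3912 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:48:36.0578 3912 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:48:36.0593 3912 \Device\Harddisk0\DR0\Partition1 - ok
15:49:19.0562 3736 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
15:49:19.0562 3736 \Device\Harddisk0\DR0 - ok
15:49:19.0578 3736 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
15:49:19.0578 3736 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:49:19.0578 3736 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "<time> <thread id> <message>"; the message may be empty on spacer lines.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<tid>\d+)(?:\s+(?P<msg>.*))?$"
)
# "<object> ( <threat name> ) - <status>". The spaces inside the parentheses
# keep paths such as "Program Files (x86)" from being read as a threat name.
VERDICT_RE = re.compile(r"^(?P<obj>.+?) \( (?P<threat>.+?) \) - (?P<status>.+)$")

ACTION_PREFIX = "User select action:"
# Only the two detection states that appear in this thread's log (assumption:
# other states may exist; they would be recorded as "outcome" here).
DETECTION_STATES = {"infected", "warning"}


def parse_findings(log_text):
    """Return {(object, threat): {verdict, action, outcome, first_seen}}."""
    findings = {}
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line or not line.group("msg"):
            continue
        verdict = VERDICT_RE.match(line.group("msg"))
        if not verdict:
            continue  # "- ok" lines, hash lines and section banners
        key = (verdict.group("obj"), verdict.group("threat"))
        rec = findings.setdefault(
            key,
            {"verdict": None, "action": None, "outcome": None,
             "first_seen": line.group("ts")},
        )
        status = verdict.group("status").strip()
        if status.startswith(ACTION_PREFIX):
            rec["action"] = status[len(ACTION_PREFIX):].strip()
        elif status in DETECTION_STATES:
            rec["verdict"] = status
        else:
            rec["outcome"] = status
    return findings


def unresolved(findings):
    """Detections with no recorded action, or where the user chose Skip."""
    return sorted(
        key for key, rec in findings.items()
        if rec["action"] is None or rec["action"].lower() == "skip"
    )


if __name__ == "__main__":
    found = parse_findings(SAMPLE_LOG)
    for (obj, threat), rec in found.items():
        print(f"{rec['first_seen']}  {obj}  {threat}: "
              f"{rec['verdict']} -> action={rec['action']} ({rec['outcome']})")
    for obj, threat in unresolved(found):
        print(f"STILL PRESENT: {threat} on {obj}")
```
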

#6 toicy4ya

Posted 28 August 2012 - 06:34 PM

TDSSKiller Results:
04:59:20.0359 3152 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
04:59:20.0656 3152 ============================================================
04:59:20.0656 3152 Current date / time: 2012/08/28 04:59:20.0656
04:59:20.0656 3152 SystemInfo:
04:59:20.0656 3152
04:59:20.0656 3152 OS Version: 5.1.2600 ServicePack: 2.0
04:59:20.0656 3152 Product type: Workstation
04:59:20.0656 3152 ComputerName: NOEL-MNR7BSKA4M
04:59:20.0656 3152 UserName: Noel
04:59:20.0656 3152 Windows directory: C:\WINDOWS
04:59:20.0656 3152 System windows directory: C:\WINDOWS
04:59:20.0656 3152 Processor architecture: Intel x86
04:59:20.0656 3152 Number of processors: 2
04:59:20.0656 3152 Page size: 0x1000
04:59:20.0656 3152 Boot type: Normal boot
04:59:20.0656 3152 ============================================================
04:59:22.0031 3152 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
04:59:22.0031 3152 ============================================================
04:59:22.0031 3152 \Device\Harddisk0\DR0:
04:59:22.0031 3152 MBR partitions:
04:59:22.0031 3152 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
04:59:22.0031 3152 ============================================================
04:59:22.0093 3152 C: <-> \Device\Harddisk0\DR0\Partition1
04:59:22.0109 3152 ============================================================
04:59:22.0109 3152 Initialize success
04:59:22.0109 3152 ============================================================
04:59:53.0250 3332 ============================================================
04:59:53.0250 3332 Scan started
04:59:53.0250 3332 Mode: Manual; TDLFS;
04:59:53.0250 3332 ============================================================
04:59:53.0812 3332 ================ Scan system memory ========================
04:59:53.0812 3332 System memory - ok
04:59:53.0812 3332 ================ Scan services =============================
04:59:59.0171 3332 MRxSmb - ok
04:59:59.0171 3332 [ A82FF842A4A4A6420308FF509E29C51F ] MSDTC C:\WINDOWS\System32\msdtc.exe
04:59:59.0171 3332 MSDTC - ok
04:59:59.0187 3332 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
04:59:59.0187 3332 Msfs - ok
04:59:59.0187 3332 MSIServer - ok
04:59:59.0203 3332 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
04:59:59.0203 3332 MSKSSRV - ok
04:59:59.0218 3332 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
04:59:59.0218 3332 MSPCLOCK - ok
04:59:59.0234 3332 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
04:59:59.0234 3332 MSPQM - ok
04:59:59.0250 3332 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
04:59:59.0250 3332 mssmbios - ok
04:59:59.0265 3332 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
04:59:59.0265 3332 Mup - ok
04:59:59.0265 3332 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
04:59:59.0281 3332 NDIS - ok
04:59:59.0312 3332 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
04:59:59.0312 3332 NdisTapi - ok
04:59:59.0328 3332 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
04:59:59.0328 3332 Ndisuio - ok
04:59:59.0343 3332 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
04:59:59.0359 3332 NdisWan - ok
04:59:59.0359 3332 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
04:59:59.0359 3332 NDProxy - ok
04:59:59.0359 3332 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
04:59:59.0375 3332 NetBIOS - ok
04:59:59.0390 3332 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
04:59:59.0390 3332 NetBT - ok
04:59:59.0437 3332 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
04:59:59.0453 3332 NetDDE - ok
04:59:59.0453 3332 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
04:59:59.0453 3332 NetDDEdsdm - ok
04:59:59.0500 3332 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\System32\lsass.exe
04:59:59.0500 3332 Netlogon - ok
04:59:59.0531 3332 [ 36739B39267914BA69AD0610A0299732 ] Netman C:\WINDOWS\System32\netman.dll
04:59:59.0562 3332 Netman - ok
04:59:59.0593 3332 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
04:59:59.0609 3332 NetTcpPortSharing - ok
04:59:59.0734 3332 [ CFE1981A47A2F7650A1EF8917DC4D1C3 ] NETw5x32 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
04:59:59.0828 3332 NETw5x32 - ok
05:00:00.0031 3332 [ D51118EA7F2699CCE54E9646465C233B ] NETwNx32 C:\WINDOWS\system32\DRIVERS\NETwNx32.sys
05:00:00.0187 3332 NETwNx32 - ok
05:00:00.0234 3332 [ 097722F235A1FB698BF9234E01B52637 ] Nla C:\WINDOWS\System32\mswsock.dll
05:00:00.0250 3332 Nla - ok
05:00:00.0281 3332 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
05:00:00.0281 3332 Npfs - ok
05:00:00.0328 3332 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
05:00:00.0343 3332 Ntfs - ok
05:00:00.0359 3332 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
05:00:00.0359 3332 NtLmSsp - ok
05:00:00.0390 3332 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
05:00:00.0421 3332 NtmsSvc - ok
05:00:00.0437 3332 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
05:00:00.0437 3332 Null - ok
05:00:00.0453 3332 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
05:00:00.0468 3332 NwlnkFlt - ok
05:00:00.0468 3332 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
05:00:00.0468 3332 NwlnkFwd - ok
05:00:00.0531 3332 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:00:00.0546 3332 odserv - ok
05:00:00.0578 3332 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:00:00.0578 3332 ose - ok
05:00:00.0609 3332 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
05:00:00.0609 3332 Parport - ok
05:00:00.0640 3332 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
05:00:00.0656 3332 PartMgr - ok
05:00:00.0671 3332 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
05:00:00.0671 3332 ParVdm - ok
05:00:00.0687 3332 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
05:00:00.0687 3332 PCI - ok
05:00:00.0687 3332 PCIDump - ok
05:00:00.0718 3332 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
05:00:00.0718 3332 PCIIde - ok
05:00:00.0750 3332 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
05:00:00.0750 3332 Pcmcia - ok
05:00:00.0781 3332 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
05:00:00.0781 3332 pcouffin - ok
05:00:00.0781 3332 PDCOMP - ok
05:00:00.0796 3332 PDFRAME - ok
05:00:00.0796 3332 PDRELI - ok
05:00:00.0796 3332 PDRFRAME - ok
05:00:00.0812 3332 perc2 - ok
05:00:00.0812 3332 perc2hib - ok
05:00:00.0859 3332 [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay C:\WINDOWS\system32\services.exe
05:00:00.0859 3332 PlugPlay - ok
05:00:00.0859 3332 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
05:00:00.0859 3332 PolicyAgent - ok
05:00:00.0875 3332 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
05:00:00.0875 3332 PptpMiniport - ok
05:00:00.0890 3332 [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
05:00:00.0890 3332 Processor - ok
05:00:00.0906 3332 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
05:00:00.0906 3332 ProtectedStorage - ok
05:00:00.0906 3332 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
05:00:00.0921 3332 PSched - ok
05:00:00.0921 3332 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
05:00:00.0921 3332 Ptilink - ok
05:00:00.0937 3332 ql1080 - ok
05:00:00.0937 3332 Ql10wnt - ok
05:00:00.0937 3332 ql12160 - ok
05:00:00.0953 3332 ql1240 - ok
05:00:00.0953 3332 ql1280 - ok
05:00:00.0968 3332 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
05:00:00.0968 3332 RasAcd - ok
05:00:00.0984 3332 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
05:00:01.0000 3332 RasAuto - ok
05:00:01.0015 3332 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
05:00:01.0015 3332 Rasl2tp - ok
05:00:01.0062 3332 [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan C:\WINDOWS\System32\rasmans.dll
05:00:01.0062 3332 RasMan - ok
05:00:01.0078 3332 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
05:00:01.0078 3332 RasPppoe - ok
05:00:01.0078 3332 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
05:00:01.0078 3332 Raspti - ok
05:00:01.0109 3332 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
05:00:01.0125 3332 Rdbss - ok
05:00:01.0125 3332 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:00:01.0125 3332 RDPCDD - ok
05:00:01.0171 3332 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
05:00:01.0171 3332 RDPWD - ok
05:00:01.0203 3332 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
05:00:01.0203 3332 RDSessMgr - ok
05:00:01.0234 3332 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
05:00:01.0234 3332 redbook - ok
05:00:01.0250 3332 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
05:00:01.0250 3332 RemoteAccess - ok
05:00:01.0265 3332 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\System32\locator.exe
05:00:01.0265 3332 RpcLocator - ok
05:00:01.0296 3332 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs C:\WINDOWS\system32\rpcss.dll
05:00:01.0296 3332 RpcSs - ok
05:00:01.0343 3332 [ 030442F08AEC1A5D7CF035CC514374B9 ] RSUSBSTOR C:\WINDOWS\system32\Drivers\RTS5121.sys
05:00:01.0343 3332 RSUSBSTOR - ok
05:00:01.0359 3332 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
05:00:01.0375 3332 RSVP - ok
05:00:01.0375 3332 Rts516xIR - ok
05:00:01.0406 3332 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
05:00:01.0406 3332 SamSs - ok
05:00:01.0437 3332 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
05:00:01.0437 3332 SASDIFSV - ok
05:00:01.0453 3332 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
05:00:01.0453 3332 SASKUTIL - ok
05:00:01.0453 3332 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
05:00:01.0468 3332 SCardSvr - ok
05:00:01.0484 3332 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
05:00:01.0515 3332 Schedule - ok
05:00:01.0546 3332 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
05:00:01.0562 3332 Secdrv - ok
05:00:01.0578 3332 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
05:00:01.0593 3332 seclogon - ok
05:00:01.0609 3332 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
05:00:01.0625 3332 SENS - ok
05:00:01.0640 3332 [ A2D868AEEFF612E70E213C451A70CAFB ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
05:00:01.0640 3332 Serenum - ok
05:00:01.0671 3332 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
05:00:01.0671 3332 Serial - ok
05:00:01.0703 3332 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
05:00:01.0703 3332 Sfloppy - ok
05:00:01.0734 3332 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
05:00:01.0765 3332 SharedAccess - ok
05:00:01.0781 3332 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
05:00:01.0781 3332 ShellHWDetection - ok
05:00:01.0796 3332 Simbad - ok
05:00:01.0796 3332 Sparrow - ok
05:00:01.0828 3332 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
05:00:01.0843 3332 splitter - ok
05:00:01.0875 3332 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
05:00:01.0890 3332 Spooler - ok
05:00:01.0921 3332 [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe
05:00:01.0921 3332 sprtsvc_DellSupportCenter - ok
05:00:01.0937 3332 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
05:00:01.0937 3332 sr - ok
05:00:01.0968 3332 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\System32\srsvc.dll
05:00:01.0984 3332 srservice - ok
05:00:02.0015 3332 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
05:00:02.0031 3332 Srv - ok
05:00:02.0078 3332 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
05:00:02.0093 3332 SSDPSRV - ok
05:00:02.0140 3332 [ 12898D947CFCB36CB7A43E8F86A53CBC ] STacSV c:\program files\idt\dellxpm09b_6017v022\wdm\stacsv.exe
05:00:02.0140 3332 STacSV - ok
05:00:02.0187 3332 [ 503A4536C83E041DDCDF75B38CD5ECF7 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
05:00:02.0203 3332 STHDA - ok
05:00:02.0250 3332 [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc C:\WINDOWS\system32\wiaservc.dll
05:00:02.0265 3332 stisvc - ok
05:00:02.0281 3332 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
05:00:02.0281 3332 swenum - ok
05:00:02.0296 3332 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
05:00:02.0296 3332 swmidi - ok
05:00:02.0296 3332 SwPrv - ok
05:00:02.0312 3332 symc810 - ok
05:00:02.0312 3332 symc8xx - ok
05:00:02.0328 3332 sym_hi - ok
05:00:02.0328 3332 sym_u3 - ok
05:00:02.0343 3332 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
05:00:02.0343 3332 sysaudio - ok
05:00:02.0375 3332 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
05:00:02.0390 3332 SysmonLog - ok
05:00:02.0421 3332 [ FB78839B36025AA286A51289ED28B73E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
05:00:02.0437 3332 TapiSrv - ok
05:00:02.0484 3332 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
05:00:02.0500 3332 Tcpip - ok
05:00:02.0531 3332 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
05:00:02.0531 3332 TDPIPE - ok
05:00:02.0531 3332 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
05:00:02.0546 3332 TDTCP - ok
05:00:02.0546 3332 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
05:00:02.0546 3332 TermDD - ok
05:00:02.0593 3332 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
05:00:02.0609 3332 TermService - ok
05:00:02.0625 3332 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes C:\WINDOWS\System32\shsvcs.dll
05:00:02.0640 3332 Themes - ok
05:00:02.0640 3332 TosIde - ok
05:00:02.0671 3332 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
05:00:02.0687 3332 TrkWks - ok
05:00:02.0703 3332 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
05:00:02.0703 3332 Udfs - ok
05:00:02.0703 3332 ultra - ok
05:00:02.0734 3332 [ CED744117E91BDC0BEB810F7D8608183 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
05:00:02.0750 3332 Update - ok
05:00:02.0765 3332 [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost C:\WINDOWS\System32\upnphost.dll
05:00:02.0781 3332 upnphost - ok
05:00:02.0812 3332 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
05:00:02.0828 3332 UPS - ok
05:00:02.0843 3332 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
05:00:02.0843 3332 USBAAPL - ok
05:00:02.0859 3332 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
05:00:02.0859 3332 usbaudio - ok
05:00:02.0890 3332 [ 77B3C8F166A6E6F2E834737AB8CAC1CA ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
05:00:02.0890 3332 usbccgp - ok
05:00:02.0906 3332 USBCCID - ok
05:00:02.0937 3332 [ 4FFAEA1BD071A72DFB76519F5B1DA956 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:00:02.0937 3332 usbehci - ok
05:00:02.0937 3332 [ ACE960E54148821E8E48F5D191562C28 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:00:02.0937 3332 usbhub - ok
05:00:02.0968 3332 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
05:00:02.0968 3332 usbscan - ok
05:00:03.0000 3332 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
05:00:03.0000 3332 usbstor - ok
05:00:03.0031 3332 [ 1590742573FCAFDD9C837478EB1846A4 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:00:03.0031 3332 usbuhci - ok
05:00:03.0078 3332 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
05:00:03.0078 3332 VgaSave - ok
05:00:03.0093 3332 ViaIde - ok
05:00:03.0109 3332 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
05:00:03.0109 3332 VolSnap - ok
05:00:03.0156 3332 [ D658E49302C382B88C8E9A08E20B2E82 ] vsdatant C:\WINDOWS\system32\vsdatant.sys
05:00:03.0171 3332 vsdatant - ok
05:00:03.0218 3332 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
05:00:03.0234 3332 VSS - ok
05:00:03.0265 3332 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\System32\w32time.dll
05:00:03.0281 3332 W32Time - ok
05:00:03.0328 3332 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:00:03.0328 3332 Wanarp - ok
05:00:03.0375 3332 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
05:00:03.0375 3332 Wdf01000 - ok
05:00:03.0375 3332 WDICA - ok
05:00:03.0406 3332 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
05:00:03.0406 3332 wdmaud - ok
05:00:03.0437 3332 [ 265F534EF76832435AFBF771EC97176D ] WebClient C:\WINDOWS\System32\webclnt.dll
05:00:03.0453 3332 WebClient - ok
05:00:03.0515 3332 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
05:00:03.0515 3332 winmgmt - ok
05:00:03.0562 3332 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
05:00:03.0578 3332 WmdmPmSN - ok
05:00:03.0609 3332 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
05:00:03.0609 3332 WmiAcpi - ok
05:00:03.0625 3332 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
05:00:03.0625 3332 WmiApSrv - ok
05:00:03.0703 3332 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
05:00:03.0734 3332 WMPNetworkSvc - ok
05:00:03.0781 3332 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
05:00:03.0796 3332 wuauserv - ok
05:00:03.0828 3332 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
05:00:03.0828 3332 WudfPf - ok
05:00:03.0828 3332 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
05:00:03.0843 3332 WudfRd - ok
05:00:03.0859 3332 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
05:00:03.0875 3332 WudfSvc - ok
05:00:03.0921 3332 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
05:00:03.0937 3332 WZCSVC - ok
05:00:03.0968 3332 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
05:00:04.0000 3332 xmlprov - ok
05:00:04.0000 3332 yksvc - ok
05:00:04.0031 3332 [ 109B497D481490BE0A31C390FCE9BFFE ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
05:00:04.0046 3332 yukonwxp - ok
05:00:04.0046 3332 ================ Scan global ===============================
05:00:04.0078 3332 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
05:00:04.0125 3332 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
05:00:04.0156 3332 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
05:00:04.0171 3332 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
05:00:04.0187 3332 [Global] - ok
05:00:04.0187 3332 ================ Scan MBR ==================================
05:00:04.0203 3332 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
05:00:04.0515 3332 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
05:00:04.0515 3332 \Device\Harddisk0\DR0 - detected TDSS File System (1)
05:00:04.0515 3332 ================ Scan VBR ==================================
05:00:04.0515 3332 [ FDBC45A418FFF205E1E6F1534FF37F73 ] \Device\Harddisk0\DR0\Partition1
05:00:04.0515 3332 \Device\Harddisk0\DR0\Partition1 - ok
05:00:04.0515 3332 ============================================================
05:00:04.0515 3332 Scan finished
05:00:04.0515 3332 ============================================================
05:00:04.0531 3316 Detected object count: 1
05:00:04.0531 3316 Actual detected object count: 1
05:00:27.0343 3316 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
05:00:27.0359 3316 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
05:00:27.0375 3316 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
05:00:27.0421 3316 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
05:00:27.0437 3316 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
05:00:27.0437 3316 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
05:00:27.0437 3316 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
05:00:27.0500 3316 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
05:00:27.0500 3316 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
05:00:27.0515 3316 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
05:00:27.0515 3316 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
05:00:27.0515 3316 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
05:00:27.0515 3316 \Device\Harddisk0\DR0\TDLFS - deleted
05:00:27.0515 3316 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

MBAM Results:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.28.04

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Noel :: NOEL-MNR7BSKA4M [administrator]

8/28/2012 7:04:12 AM
mbam-log-2012-08-28 (07-04-12).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 358944
Time elapsed: 1 hour(s), 51 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Mini Toolbox Results:
MiniToolBox by Farbar Version: 23-07-2012
Ran by Noel (administrator) on 28-08-2012 at 18:58:57
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Cisco Systems VPN Adapter = Local Area Connection 3 (Disconnected)
Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : noel-mnr7bska4m
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-22-FB-9C-CB-A2
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.198
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Tuesday, August 28, 2012 6:54:44 PM
Lease Expires . . . . . . . . . . : Wednesday, August 29, 2012 6:54:44 PM

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-25-64-4B-A1-E2

Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 173.194.43.5, 173.194.43.3, 173.194.43.0, 173.194.43.4
173.194.43.8, 173.194.43.14, 173.194.43.6, 173.194.43.1, 173.194.43.7
173.194.43.9, 173.194.43.2

Pinging google.com [74.125.226.197] with 32 bytes of data:

Reply from 74.125.226.197: bytes=32 time=13ms TTL=56
Reply from 74.125.226.197: bytes=32 time=14ms TTL=56

Ping statistics for 74.125.226.197:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 14ms, Average = 13ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=66ms TTL=53
Reply from 98.139.183.24: bytes=32 time=96ms TTL=53

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 66ms, Maximum = 96ms, Average = 81ms

Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 22 fb 9c cb a2 ...... Intel® WiFi Link 5100 AGN - Packet Scheduler Miniport
0x3 ...00 25 64 4b a1 e2 ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.198 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.198 192.168.0.198 20
192.168.0.0 255.255.255.0 192.168.0.198 192.168.0.198 20
192.168.0.198 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.198 192.168.0.198 20
224.0.0.0 240.0.0.0 192.168.0.198 192.168.0.198 20
255.255.255.255 255.255.255.255 192.168.0.198 3 1
255.255.255.255 255.255.255.255 192.168.0.198 192.168.0.198 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/27/2012 05:29:38 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/27/2012 06:48:00 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module Flash32_11_3_300_271.ocx, version 11.3.300.271, fault address 0x001cfb90.
Processing media-specific event for [svchost.exe!ws!]

Error: (08/27/2012 06:39:50 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x053d4238.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2012 06:18:45 AM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/26/2012 04:29:12 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module mshtml.dll, version 8.0.6001.18928, fault address 0x00088d07.
Processing media-specific event for [svchost.exe!ws!]

Error: (08/09/2012 08:06:42 PM) (Source: Application Error) (User: )
Description: Faulting application acrord32.exe, version 10.1.3.23, faulting module msvcr90.dll, version 9.0.30729.4148, fault address 0x0003afac.
Processing media-specific event for [acrord32.exe!ws!]

Error: (07/08/2012 00:13:48 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.60.0.80, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/08/2012 00:13:46 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.60.0.80, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/08/2012 02:29:45 AM) (Source: Application Hang) (User: )
Description: Hanging application javaw.exe, version 6.0.290.11, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/17/2012 06:41:11 PM) (Source: Application Error) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]


System errors:
=============
Error: (08/28/2012 07:02:39 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit service failed to start due to the following error:
%%1058

Error: (08/28/2012 07:02:39 AM) (Source: Service Control Manager) (User: )
Description: The Leapfrog-USBLAN service failed to start due to the following error:
%%1058

Error: (08/28/2012 04:48:27 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit service failed to start due to the following error:
%%1058

Error: (08/28/2012 04:48:27 AM) (Source: Service Control Manager) (User: )
Description: The Leapfrog-USBLAN service failed to start due to the following error:
%%1058

Error: (08/27/2012 08:14:45 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit service failed to start due to the following error:
%%1058

Error: (08/27/2012 08:14:45 PM) (Source: Service Control Manager) (User: )
Description: The Leapfrog-USBLAN service failed to start due to the following error:
%%1058

Error: (08/27/2012 04:45:58 PM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (08/27/2012 04:45:58 PM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (08/27/2012 03:52:05 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit service failed to start due to the following error:
%%1058

Error: (08/27/2012 03:52:05 PM) (Source: Service Control Manager) (User: )
Description: The Leapfrog-USBLAN service failed to start due to the following error:
%%1058


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Air Video Server 2.4.3 (Version: 2.4.3)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ATI - Software Uninstall Utility (Version: 6.14.10.1022)
avast! Free Antivirus (Version: 7.0.1466.0)
AviSynth 2.5
Bonjour (Version: 3.0.0.10)
ConvertXtoDVD 4.1.19.365 (Version: 4.1.19.365)
Dell Resource CD (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.2.08335)
Dell Touchpad (Version: 7.2.115.201)
ESET Online Scanner v3
Garmin VoiceStudio v2.10 (Version: 2.10.0.0)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
IDT Audio (Version: 1.0.6017.1)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless WiFi Driver (Version: 12.00.4000)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
K-Lite Mega Codec Pack 8.0.0 (Version: 8.0.0)
LeapFrog Connect (Version: 3.2.19.13664)
LeapFrog Leapster Explorer Plugin (Version: 3.2.22.13714)
Logitech Harmony Remote Software (Version: 1.0.110307)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Marvell Miniport Driver (Version: 10.63.3.3)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Professional Edition 2003 (Version: 11.0.7969.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Visio Professional 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.4518.1014)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Nero 7 Demo (Version: 7.00.1461)
Newshosting (Version: 1.3.2)
QuickSet (Version: 9.1.5)
RapidShare Manager (Version: 0.1)
Realtek Card Reader (Version: 6.0.6000.72)
SUPERAntiSpyware (Version: 5.0.1134)
SuperNZB v4.0.8
Total Commander (Remove or Repair) (Version: 8.01)
Ultra MKV Converter 4.3.0206
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB894391) (Version: 1)
Update for Windows XP (KB896256) (Version: 4)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB900485) (Version: 2)
Update for Windows XP (KB908531) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB916595) (Version: 1)
Update for Windows XP (KB920872) (Version: 1)
Update for Windows XP (KB922582) (Version: 1)
Update for Windows XP (KB925720) (Version: 1)
Update for Windows XP (KB927891) (Version: 3)
Update for Windows XP (KB930916) (Version: 1)
Update for Windows XP (KB932823-v3) (Version: 3)
Update for Windows XP (KB936357) (Version: 1)
Update for Windows XP (KB938828) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USB2.0 Card Reader Software (Version: 6.0.6000.75)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
Videora iPod Converter 4.06 (Version: 4.06)
VistaMizer 3.3.0.0 (Version: 3.3.0.0)
VPN Client
WebFldrs XP (Version: 9.50.6513)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB885855 (Version: 20040930.104104)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Service Pack 2 (Version: 20040803.231319)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
XMedia Recode 3.0.8.5 (Version: 3.0.8.5)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 3034.29 MB
Available physical RAM: 2228.25 MB
Total Pagefile: 4920.38 MB
Available Pagefile: 4275.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.47 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.08 GB) (Free:56.21 GB) NTFS

========================= Users: ========================================

User accounts for \\NOEL-MNR7BSKA4M

Administrator Guest HelpAssistant
Noel SUPPORT_388945a0

**** End of log ****

FSS Results:
Farbar Service Scanner Version: 06-08-2012
Ran by Noel (administrator) on 28-08-2012 at 19:04:10
Running from "C:\Documents and Settings\Noel\Local Settings\Temporary Internet Files\Content.IE5\RX8BU2RT"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2003-07-16 16:26] - [2006-05-19 08:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2003-07-16 16:23] - [2008-08-14 05:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2003-07-16 16:37] - [2004-08-04 03:14] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2003-07-16 16:47] - [2008-06-20 06:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2012-04-11 07:33] - [2004-08-04 03:14] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2003-07-16 16:27] - [2008-02-20 01:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\ipnathlp.dll
[2003-07-16 16:30] - [2004-08-04 04:56] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2003-07-16 16:38] - [2005-08-22 14:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2011-11-26 05:37] - [2004-08-04 04:56] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2011-11-26 05:38] - [2004-08-04 04:56] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2011-11-26 05:38] - [2004-08-04 03:06] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2011-11-26 05:57] - [2004-08-04 04:56] - 0081408 ____N (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2011-11-26 05:37] - [2004-08-04 04:56] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2011-11-26 05:37] - [2004-08-04 04:56] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2011-11-26 05:38] - [2004-08-04 04:56] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2003-07-16 16:27] - [2008-07-07 16:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2003-07-16 16:26] - [2004-08-04 04:56] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2003-07-16 16:47] - [2004-08-04 04:56] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2003-07-16 16:43] - [2009-02-09 06:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2003-07-16 16:44] - [2009-02-06 13:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
aswTdi(8) DNE(10) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0A0000000500000001000000020000000300000004000000080000000900000006000000070000000A000000
IpSec Tag value is correct.

**** End of log ****

Adware Cleaner:
# AdwCleaner v1.801 - Logfile created 08/28/2012 at 19:06:28
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Noel - NOEL-MNR7BSKA4M
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Noel\Local Settings\Temporary Internet Files\Content.IE5\0BC782D2\adwcleaner[1].exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [886 octets] - [27/08/2012 15:42:20]
AdwCleaner[R1].txt - [812 octets] - [28/08/2012 19:05:10]
AdwCleaner[R2].txt - [871 octets] - [28/08/2012 19:06:21]
AdwCleaner[S2].txt - [803 octets] - [28/08/2012 19:06:28]

########## EOF - C:\AdwCleaner[S2].txt - [930 octets] ##########

#7 narenxp


Posted 28 August 2012 - 06:58 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

#8 toicy4ya


Posted 29 August 2012 - 05:34 AM

RKill Results:
Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/29/2012 06:28:32 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\WINDOWS\system32\AESTFltr.exe (PID: 860) [WD-HEUR]
* C:\WINDOWS\system32\RUNDLL32.EXE (PID: 2320) [WD-HEUR]
* C:\Program Files\Internet Explorer\iexplore.exe (PID: 3360) [FI]
* C:\Program Files\Internet Explorer\iexplore.exe (PID: 1120) [FI]
* C:\Program Files\Internet Explorer\iexplore.exe (PID: 3992) [FI]

5 proccesses terminated!

Possibly Patched Files.

* C:\WINDOWS\system32\ctfmon.exe

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* wscsvc [Missing Service]

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\clipsrv.exe [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe : 30,720 : 07/16/2003 04:25 PM : 08ebc742345ab7ef2ec29bc92d6d33dd [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe : 43,008 : 08/04/2004 00:56 AM : f00ab7543840ac1ca06ad5c155bcc06f [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\clipsrv.exe : 33,280 : 04/13/2008 08:12 PM : 34cbe729f38138217f9c80212a2a0c82 [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\clipsrv.exe : 33,280 : 08/04/2004 00:56 AM : c8dec22c4137d7a90f8bdf41ca4b82ae [Pos Repl]

* C:\WINDOWS\System32\comres.dll [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\comres.dll : 792,064 : 07/16/2003 04:25 PM : 1f51839eccf908fd86558198909262e4 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\comres.dll : 1,390,080 : 08/04/2004 00:56 AM : 751cb8b1bc6f428dc37c0c4d8a97f47a [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\comres.dll : 792,064 : 04/13/2008 08:11 PM : 1280a158c722fa95a80fb7aebe78fa7d [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\comres.dll : 792,064 : 08/04/2004 00:56 AM : 6728270cb7dbb776ed086f5ac4c82310 [Pos Repl]

* C:\WINDOWS\System32\ctfmon.exe [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe : 13,312 : 07/16/2003 04:26 PM : 414de7cf9d3f19c3ea902f1bb38ec116 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe : 25,088 : 08/04/2004 00:56 AM : 5f1724d0e11eb88c95a3b73a6dd72779 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ctfmon.exe : 15,360 : 04/13/2008 08:12 PM : 5f1d5f88303d4a4dbc8e5f97ba967cc3 [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\ctfmon.exe : 15,360 : 08/04/2004 00:56 AM : 24232996a38c0b0cf151c2140ae29fc8 [Pos Repl]

* C:\WINDOWS\System32\hnetcfg.dll [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\hnetcfg.dll : 240,640 : 07/16/2003 04:29 PM : f5fbcabfe303d309df5163abfbbb6958 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\hnetcfg.dll : 368,640 : 08/04/2004 00:56 AM : 79b459fe99a864c3db778e5aa821339b [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\hnetcfg.dll : 344,064 : 04/13/2008 08:11 PM : 3cb32d3b8cbe79899d63280bb7a83cd9 [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\hnetcfg.dll : 344,064 : 08/04/2004 00:56 AM : 765b30c776a1780b46b479fe614f707c [Pos Repl]

* C:\WINDOWS\System32\midimap.dll [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\midimap.dll : 17,920 : 07/16/2003 04:33 PM : 5a80cd832a19d92ceaed6d5c0316d1b1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\midimap.dll : 42,496 : 08/04/2004 00:56 AM : 3cd62cbd1e262d9a5aa1b7a44721c848 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\midimap.dll : 18,944 : 04/13/2008 08:11 PM : 5c12660a97822f6e61576943b49aaad6 [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\midimap.dll : 18,944 : 08/04/2004 00:56 AM : 3b4702155bb2ae9dc00c06a68834bdfa [Pos Repl]

* C:\WINDOWS\System32\mshtml.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll : 5,953,024 : 05/06/2010 08:36 AM : 9be28f749a7fe7f8f177c6aa2e9da609 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\mshtml.dll : 2,833,920 : 07/16/2003 04:35 PM : 448ee0a3edfc3339ec70e93c027e28c8 [Pos Repl]
+-> C:\WINDOWS\ie8\mshtml.dll : 3,003,392 : 08/04/2004 04:56 AM : 376e0843b2356ca91cec8d9837a56ff7 [Pos Repl]
+-> C:\WINDOWS\ie8updates\KB982381-IE8\mshtml.dll : 5,937,152 : 03/08/2009 00:41 AM : d469a0eba2ef5c6bee8065b7e3196e5e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mshtml.dll : 6,175,744 : 05/06/2010 00:41 AM : a222c8be00e15e92ad8427d99409b8e5 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\0b504340f946b3169ee83e54ac1011c8\SP2GDR\mshtml.dll : 3,065,344 : 04/16/2010 00:36 AM : 44a6bb3de8ff814209a1cdfec4bb51bd [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\0b504340f946b3169ee83e54ac1011c8\SP2QFE\mshtml.dll : 3,073,024 : 04/16/2010 00:20 AM : 149f37c9702f24a50741e56fbc7ae56b [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\0b504340f946b3169ee83e54ac1011c8\SP3GDR\mshtml.dll : 3,073,024 : 04/16/2010 00:09 AM : 6b930309a4a246d133a49eade11e5773 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\0b504340f946b3169ee83e54ac1011c8\SP3QFE\mshtml.dll : 3,073,536 : 04/17/2010 00:31 AM : 9574d5b0c784da0fd8f6a9bb37936a52 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\mshtml.dll : 3,066,880 : 04/13/2008 08:11 PM : a706e122b398fe1ab85cb9b75d044223 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mshtml.dll : 6,175,744 : 05/06/2010 00:41 AM : a222c8be00e15e92ad8427d99409b8e5 [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\mshtml.dll : 5,950,976 : 05/06/2010 00:41 AM : c7b7a88cc7d7aba5c395145bf92f46f7 [Pos Repl]

* C:\WINDOWS\System32\ntkrnlpa.exe [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe : 2,056,832 : 03/01/2005 07:36 PM : d8aba3eab509627e707a3b14f00fbb6b [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB896256\SP2QFE\ntkrnlpa.exe : 2,059,264 : 10/30/2006 07:27 AM : 972df9bc435b2f077b02c5e8a09acf83 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe : 2,062,976 : 02/06/2009 07:49 AM : 9d832af3fd1917db0e1e8b2f000a2e3a [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe : 2,066,048 : 02/07/2009 10:02 PM : 5ba7f2141bc6db06100d0e5a732c617a [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe : 2,066,176 : 02/06/2009 10:30 AM : 607352b9cb3d708c67f6039097801b5a [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe : 2,063,744 : 02/17/2010 02:57 PM : 1811afc2fadb60b88947e3d08e250860 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe : 2,066,816 : 02/16/2010 02:25 AM : a046c627ec20456e2959b7bd628e1fd0 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe : 2,066,944 : 02/16/2010 02:12 AM : ded8b5a89b085284634502e9d75ac78c [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe : 1,920,512 : 07/16/2003 04:46 PM : 71ff7ec0eeea4896dd219c661c90db29 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956572$\ntkrnlpa.exe : 2,015,744 : 10/30/2006 04:50 AM : 076d6532e995110709497a8c3ee53d15 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB979683$\ntkrnlpa.exe : 2,015,744 : 02/06/2009 04:49 AM : b238ab60093babfe76aec8f34b4d399d [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe : 2,058,368 : 02/16/2010 00:39 AM : 1ee6b94aca7be115a1813bbca65099a8 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe : 2,273,792 : 02/16/2010 00:39 AM : 7cbbace5074393991e040810465c3ec2 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ntkrnlpa.exe : 2,065,792 : 04/13/2008 02:31 PM : 109f8e3e3c82e337bb71b6bc9b895d61 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ntkrnlpa.exe : 2,273,792 : 02/16/2010 00:39 AM : 7cbbace5074393991e040810465c3ec2 [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\ntkrnlpa.exe : 2,016,768 : 02/16/2010 00:39 AM : 26a901a1840e9e46fffc6d09b9618cdf [Pos Repl]

* C:\WINDOWS\System32\ntoskrnl.exe [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe : 2,179,456 : 03/01/2005 08:04 PM : 28187802b7c368c0d3aef7d4c382aabb [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB896256\SP2QFE\ntoskrnl.exe : 2,182,016 : 10/30/2006 08:13 AM : 29664b5a66f187790006014f87adccdf [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe : 2,186,112 : 02/06/2009 08:32 AM : 6a936e9d7badaf3caaeed1e1966ec1b0 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe : 2,189,056 : 02/06/2009 08:08 AM : 7a95b10a73737ebf24139aaa63f5212b [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe : 2,189,184 : 02/07/2009 10:35 PM : efe8eace83eaad5849a7a548fb75b584 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe : 2,186,880 : 02/16/2010 10:37 AM : 97e2bf68857818a4d142b872404dc41b [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe : 2,189,952 : 02/17/2010 10:10 AM : d41c3cbad0e1c0728d1cdfd541f60cfa [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe : 2,190,080 : 02/16/2010 10:52 AM : e1f653a542449d54fa2d27463d99b6b6 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe : 1,891,840 : 07/16/2003 04:39 PM : 25a90eb7d1eee12ab198dc9421bfa353 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe : 2,136,064 : 10/30/2006 04:25 AM : e8217a37c19b39ff04b635cce6a137f2 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe : 2,136,064 : 02/06/2009 04:22 AM : 16b5ebe97f243441264a8f8694c2f2aa [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe : 2,181,376 : 02/16/2010 00:19 AM : ebb75b113e74e90074382347b74d652b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe : 2,394,112 : 02/16/2010 00:17 AM : 70dab25007e4a8a4644f3dae64840889 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ntoskrnl.exe : 2,188,928 : 04/13/2008 03:27 PM : 0c89243c7c3ee199b96fcc16990e0679 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ntoskrnl.exe : 2,394,112 : 02/16/2010 00:17 AM : 70dab25007e4a8a4644f3dae64840889 [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\ntoskrnl.exe : 2,137,088 : 02/16/2010 00:17 AM : a63052fa8fb8685382e10ee83c326864 [Pos Repl]

* C:\WINDOWS\System32\psbase.dll [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\psbase.dll : 82,944 : 07/16/2003 04:42 PM : 56eb43b38fe9c373b207aa391411930b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\psbase.dll : 121,856 : 08/04/2004 00:56 AM : a1202380f3ad46bdcc9075fd073b4612 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\psbase.dll : 96,768 : 04/13/2008 08:12 PM : 22d89d84e8e081cda529dbf8c0255a38 [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\psbase.dll : 96,768 : 08/04/2004 00:56 AM : 4d3ccdf22d2b4bae229ba73b81d13e26 [Pos Repl]

* C:\WINDOWS\System32\setupapi.dll [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\setupapi.dll : 932,864 : 07/16/2003 04:44 PM : d82c5fb1175bc5e0975184cc5aeb35e6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\setupapi.dll : 2,716,160 : 08/04/2004 00:56 AM : 3e13e49454e52ca6b9c2b0f60234b92d [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\setupapi.dll : 985,088 : 04/14/2008 08:42 AM : 24192246760e0e64435522e246b1d6c2 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\update\setupapi.dll : 985,088 : 04/14/2008 00:42 AM : 24192246760e0e64435522e246b1d6c2 [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\setupapi.dll : 983,552 : 08/04/2004 00:56 AM : 7808313cbc634ee08346d5ddfef1cc5f [Pos Repl]

* C:\WINDOWS\System32\UxTheme.dll [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\uxtheme.dll : 203,264 : 07/16/2003 04:49 PM : a33f4af655381e7e7c4581ff2b8992b2 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll : 218,624 : 11/26/2011 00:04 AM : 640fa5586878da19a498afd53a8c689c [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\uxtheme.dll : 218,624 : 04/13/2008 08:12 PM : 7a2cc3719b255e6b5d74396183b7715b [Pos Repl]

* C:\WINDOWS\System32\wininet.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll : 919,040 : 05/06/2010 08:36 AM : c1490f68b44af8b781f52f12f564625d [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\wininet.dll : 599,040 : 07/16/2003 04:51 PM : f3587750a7481dccbea13d473a0700be [Pos Repl]
+-> C:\WINDOWS\ie8\wininet.dll : 656,384 : 08/04/2004 04:56 AM : c0823fc5469663ba63e7db88f9919d70 [Pos Repl]
+-> C:\WINDOWS\ie8updates\KB982381-IE8\wininet.dll : 914,944 : 03/08/2009 00:34 AM : 6ce32f7778061ccc5814d5e0f282d369 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wininet.dll : 1,017,856 : 05/06/2010 00:41 AM : 0e0d2d14ab4cf33024b77033433d85be [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\0b504340f946b3169ee83e54ac1011c8\SP2GDR\wininet.dll : 662,016 : 04/16/2010 00:36 AM : 602bb82e56758bc6e50b17741cd5f081 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\0b504340f946b3169ee83e54ac1011c8\SP2QFE\wininet.dll : 668,672 : 04/16/2010 00:20 AM : 9ce5def97e55e52c23201098db755280 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\0b504340f946b3169ee83e54ac1011c8\SP3GDR\wininet.dll : 667,136 : 04/16/2010 00:09 AM : b43b18fb0eb577856883e5a0708ab9ef [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\0b504340f946b3169ee83e54ac1011c8\SP3QFE\wininet.dll : 668,672 : 04/16/2010 00:01 AM : c3052a99a24f462b418632a05328bb38 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wininet.dll : 666,112 : 04/13/2008 08:12 PM : 7a4f775abb2f1c97def3e73afa2faedd [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wininet.dll : 1,017,856 : 05/06/2010 00:41 AM : 0e0d2d14ab4cf33024b77033433d85be [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\wininet.dll : 916,480 : 05/06/2010 00:41 AM : 2d9c7b010409372c34f725da5cced083 [Pos Repl]

* C:\WINDOWS\System32\winlogon.exe [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe : 516,608 : 07/16/2003 04:51 PM : 2246d8d8f4714a2cedb21ab9b1849abb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\winlogon.exe : 541,696 : 08/04/2004 00:56 AM : 55aca85eb80e2155e20211aaaddd711a [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe : 507,904 : 04/13/2008 08:12 PM : ed0ef0a136dec83df69f04118870003e [Pos Repl]
+-> C:\WINDOWS\VistaMizer\old\winlogon.exe : 502,272 : 08/04/2004 00:56 AM : 01c3346c241652f43aed8e2149881bfe [Pos Repl]

Program finished at: 08/29/2012 06:29:58 AM
Execution time: 0 hours(s), 1 minute(s), and 25 seconds(s)

#9 narenxp


Posted 29 August 2012 - 08:37 AM

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#10 toicy4ya


Posted 29 August 2012 - 07:46 PM

narenxp,

I'm not sure if I did this correctly. Please let me know if this is how the report is supposed to look. Thanks.

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "AESTFltr" "AEFltrs MFC Application" "Andrea Electronics Corporation" "c:\windows\system32\aestfltr.exe"
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\delltpad\apoint.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "Dell QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "dellsupportcenter" "" "SupportSoft, Inc." "c:\program files\dell support center\bin\sprtcmd.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "NBShellHook Class" "Nero BackItUp Application" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "NeroDigitalColumnHandler Class" "Nero Digital Shell Extension" "Nero AG" "c:\program files\common files\ahead\lib\nerodigitalext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp Application" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp Application" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.3 r300" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "avast! Emergency Update.job" "avast! Emergency Update" "AVAST Software" "c:\program files\avast software\avast\avastemupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\system32\ac3acm.acm"
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter.acm"
+ "msacm.divxa32" "DivX;-) Audio Codec" "Packed With Joy !" "c:\windows\system32\divxa32.acm"
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.l3fhg" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\mp3fhg.acm"
+ "msacm.lameacm" "Lame MP3 codec engine" "http://www.mp3dev.org/" "c:\windows\system32\lameacm.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.FFDS" "" "" "c:\windows\system32\ff_vfw.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "vidc.xvid" "" "" "c:\windows\system32\xvidvfw.dll"
+ "VIDC.YV12" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AC3File" "" "" "c:\program files\k-lite codec pack\filters\ac3file.ax"
+ "AC3Filter" "ac3filter" "" "c:\windows\system32\ac3filter.ax"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files\k-lite codec pack\filters\monkeysource.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel Indeo® video IVF Source Filter 5.10" "Intel Corporation" "c:\windows\system32\ivfsrc.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavvideo.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM Musepack Decoder" "mmmpcdec" "" "c:\program files\k-lite codec pack\filters\mmmpcdec.ax"
+ "MONOGRAM Musepack Splitter" "mmmpcdmx" "" "c:\program files\k-lite codec pack\filters\mmmpcdmx.ax"
+ "MPC - AVI<->AC3/DTS" "AVI <-> AC3/DTS Converter" "MPC-HC Team" "c:\windows\system32\avi2ac3filter.ax"
+ "MPC - CDXA Reader" "CDXA Reader Filter" "MPC-HC Team" "c:\windows\system32\cdxareader.ax"
+ "MPC - DTS/AC3/DD+ Source" "DTS/AC3 Source Filter" "MPC-HC Team" "c:\windows\system32\dtsac3source.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\windows\system32\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\windows\system32\flvsplitter.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Processor" "Nero Audio Processor" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudioconv.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Digital Audio Decoder" "Nero Audio Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudio.ax"
+ "Nero Digital AVC Audio Encoder" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero DVD Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero DVD Navigator" "DVD Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvd.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefsource.ax"
+ "Nero Format Converter" "Frame rate / Color space converter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\necapture.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 Video Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Overlay Mixer" "Overlay Mixer Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "PS Muxer Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Resize" "Nero Resizing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neresize.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero Video Decoder HD" "Nero HD Video Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideohd.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "QTSrc" "" "" "c:\windows\system32\aveqt.dll"
+ "RealAudio Decoder" "" "" "c:\windows\system32\averm.dll"
+ "RealMedia Source" "" "" "c:\windows\system32\averm.dll"
+ "RealMedia Splitter" "" "" "c:\windows\system32\averm.dll"
+ "RealVideo Decoder" "" "" "c:\windows\system32\averm.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files\k-lite codec pack\filters\vp7dec.ax"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Xvid MPEG-4 Video Decoder" "xvid" "http://www.xvid.org" "c:\windows\system32\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "!SASWinLogon" "SUPERAntiSpyware WinLogon Processor" "SUPERAntiSpyware.com" "c:\program files\superantispyware\saswinlo.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:02:30 PM

Posted 29 August 2012 - 08:42 PM

We need a deeper look

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



