Can't access google services / sites.


13 replies to this topic

#1 ErazmusNZ


Posted 31 August 2012 - 01:32 AM

Hi guys,

I've been having a problem accessing Google services for a while now.

For all browsers, if I try to access Google search, Gmail, YouTube, G+, Google Docs, etc., I get a page timeout constantly. It is irrespective of browser used.

All other sites appear to load fine in a reasonable time, but nothing Google-related. General PC performance is fine with no random crashes.

I have the 3 main browsers installed.

IE 8, FF, and Chrome.

IE seems to use some default search provider called Babylon (or Conduit) which I can't seem to change (says Google is default search).
FF and Chrome seem fine.

Chrome is my main browser and there is no evidence of redirects.

Where do I start? Can someone help please?

Cheers,
E.



#2 narenxp


Posted 31 August 2012 - 07:48 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 ErazmusNZ


Posted 01 September 2012 - 05:21 AM

Hi and thanks :)

TDSSkiller log.


15:04:47.0837 0144 seclogon - ok
15:04:47.0869 0144 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
15:04:47.0869 0144 SENS - ok
15:04:47.0900 0144 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
15:04:47.0900 0144 Serial - ok
15:04:47.0962 0144 [ 8988D1F32F56B3CD3F0F6C39F8A91A98 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:04:47.0978 0144 ServiceLayer - ok
15:04:48.0009 0144 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:04:48.0009 0144 Sfloppy - ok
15:04:48.0056 0144 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:04:48.0056 0144 SharedAccess - ok
15:04:48.0072 0144 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:04:48.0072 0144 ShellHWDetection - ok
15:04:48.0072 0144 Simbad - ok
15:04:48.0087 0144 [ 32933B07FC16D9F778BEE12545FA1B1A ] SimpTcp C:\WINDOWS\System32\tcpsvcs.exe
15:04:48.0087 0144 SimpTcp - ok
15:04:48.0119 0144 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:04:48.0119 0144 SkypeUpdate - ok
15:04:48.0134 0144 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:04:48.0134 0144 SLIP - ok
15:04:48.0181 0144 [ 2A0BDE6DD58AC2935A80F984B3AF0B0E ] smhwdev C:\WINDOWS\system32\DRIVERS\smhwdev.sys
15:04:48.0181 0144 smhwdev - ok
15:04:48.0212 0144 [ 54B5DD15EEF72AEE8D1C765AB2235610 ] smhwser C:\WINDOWS\system32\DRIVERS\smhwser.sys
15:04:48.0212 0144 smhwser - ok
15:04:48.0228 0144 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe
15:04:48.0228 0144 SNMP - ok
15:04:48.0259 0144 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
15:04:48.0259 0144 SNMPTRAP - ok
15:04:48.0259 0144 Sparrow - ok
15:04:48.0275 0144 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:04:48.0291 0144 splitter - ok
15:04:48.0322 0144 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:04:48.0322 0144 Spooler - ok
15:04:48.0337 0144 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:04:48.0353 0144 sr - ok
15:04:48.0369 0144 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\System32\srsvc.dll
15:04:48.0384 0144 srservice - ok
15:04:48.0416 0144 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:04:48.0416 0144 Srv - ok
15:04:48.0447 0144 [ D6870895FE46A464A19141440EB6CC1E ] sscdbus C:\WINDOWS\system32\DRIVERS\sscdbus.sys
15:04:48.0447 0144 sscdbus - ok
15:04:48.0462 0144 [ 0FE167362E4689B716CDC8D93ADEDDA8 ] sscdmdfl C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
15:04:48.0478 0144 sscdmdfl - ok
15:04:48.0494 0144 [ 55A15707E32B6709242AD127E62CA55A ] sscdmdm C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
15:04:48.0494 0144 sscdmdm - ok
15:04:48.0509 0144 [ 9FA66E361A99F8920C7609BAE6814A0E ] sscdserd C:\WINDOWS\system32\DRIVERS\sscdserd.sys
15:04:48.0509 0144 sscdserd - ok
15:04:48.0525 0144 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:04:48.0541 0144 SSDPSRV - ok
15:04:48.0556 0144 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
15:04:48.0556 0144 StarOpen - ok
15:04:48.0587 0144 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:04:48.0587 0144 stisvc - ok
15:04:48.0619 0144 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:04:48.0619 0144 streamip - ok
15:04:48.0634 0144 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:04:48.0634 0144 swenum - ok
15:04:48.0650 0144 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:04:48.0650 0144 swmidi - ok
15:04:48.0650 0144 SwPrv - ok
15:04:48.0666 0144 symc810 - ok
15:04:48.0666 0144 symc8xx - ok
15:04:48.0681 0144 sym_hi - ok
15:04:48.0681 0144 sym_u3 - ok
15:04:48.0697 0144 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:04:48.0697 0144 sysaudio - ok
15:04:48.0712 0144 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:04:48.0712 0144 SysmonLog - ok
15:04:48.0728 0144 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:04:48.0744 0144 TapiSrv - ok
15:04:48.0759 0144 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:04:48.0775 0144 Tcpip - ok
15:04:48.0791 0144 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
15:04:48.0791 0144 Tcpip6 - ok
15:04:48.0822 0144 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:04:48.0822 0144 TDPIPE - ok
15:04:48.0822 0144 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:04:48.0822 0144 TDTCP - ok
15:04:48.0853 0144 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:04:48.0853 0144 TermDD - ok
15:04:48.0869 0144 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
15:04:48.0869 0144 TermService - ok
15:04:48.0884 0144 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
15:04:48.0884 0144 Themes - ok
15:04:48.0900 0144 TosIde - ok
15:04:48.0916 0144 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:04:48.0931 0144 TrkWks - ok
15:04:48.0947 0144 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
15:04:48.0947 0144 tunmp - ok
15:04:48.0962 0144 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:04:48.0962 0144 Udfs - ok
15:04:48.0978 0144 ultra - ok
15:04:48.0994 0144 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:04:48.0994 0144 Update - ok
15:04:49.0009 0144 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:04:49.0009 0144 upnphost - ok
15:04:49.0041 0144 [ 15629E4D65F97AB5432D6D9597CF6A33 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
15:04:49.0041 0144 upperdev - ok
15:04:49.0041 0144 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
15:04:49.0056 0144 UPS - ok
15:04:49.0056 0144 USBAAPL - ok
15:04:49.0087 0144 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
15:04:49.0087 0144 usbaudio - ok
15:04:49.0119 0144 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:04:49.0119 0144 usbccgp - ok
15:04:49.0150 0144 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:04:49.0150 0144 usbehci - ok
15:04:49.0166 0144 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:04:49.0166 0144 usbhub - ok
15:04:49.0181 0144 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:04:49.0181 0144 usbprint - ok
15:04:49.0197 0144 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:04:49.0197 0144 usbscan - ok
15:04:49.0228 0144 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
15:04:49.0228 0144 usbser - ok
15:04:49.0244 0144 [ 5C17E6A11AA8BE53F79FD364BA19F0CE ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
15:04:49.0244 0144 UsbserFilt - ok
15:04:49.0275 0144 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:04:49.0275 0144 usbstor - ok
15:04:49.0291 0144 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:04:49.0291 0144 usbuhci - ok
15:04:49.0306 0144 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:04:49.0306 0144 VgaSave - ok
15:04:49.0306 0144 ViaIde - ok
15:04:49.0337 0144 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:04:49.0337 0144 VolSnap - ok
15:04:49.0353 0144 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
15:04:49.0353 0144 VSS - ok
15:04:49.0384 0144 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\System32\w32time.dll
15:04:49.0384 0144 W32Time - ok
15:04:49.0400 0144 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:04:49.0400 0144 Wanarp - ok
15:04:49.0431 0144 [ 4074C9CBB02F817B508265A13546C79E ] wanusb C:\WINDOWS\system32\DRIVERS\gwausb.sys
15:04:49.0431 0144 wanusb - ok
15:04:49.0462 0144 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
15:04:49.0462 0144 Wdf01000 - ok
15:04:49.0462 0144 WDICA - ok
15:04:49.0478 0144 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:04:49.0478 0144 wdmaud - ok
15:04:49.0494 0144 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:04:49.0494 0144 WebClient - ok
15:04:49.0541 0144 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:04:49.0541 0144 winmgmt - ok
15:04:49.0619 0144 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:04:49.0619 0144 wlidsvc - ok
15:04:49.0650 0144 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
15:04:49.0650 0144 WmdmPmSN - ok
15:04:49.0666 0144 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
15:04:49.0666 0144 WmiApSrv - ok
15:04:49.0728 0144 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
15:04:49.0744 0144 WMPNetworkSvc - ok
15:04:49.0759 0144 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:04:49.0759 0144 WpdUsb - ok
15:04:49.0791 0144 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:04:49.0791 0144 wscsvc - ok
15:04:49.0822 0144 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:04:49.0822 0144 WSTCODEC - ok
15:04:49.0837 0144 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:04:49.0837 0144 wuauserv - ok
15:04:49.0853 0144 [ 6FF66513D372D479EF1810223C8D20CE ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:04:49.0853 0144 WudfPf - ok
15:04:49.0869 0144 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:04:49.0869 0144 WudfRd - ok
15:04:49.0884 0144 [ 575A4190D989F64732119E4114045A4F ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:04:49.0884 0144 WudfSvc - ok
15:04:49.0916 0144 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:04:49.0947 0144 WZCSVC - ok
15:04:49.0962 0144 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:04:49.0978 0144 xmlprov - ok
15:04:49.0994 0144 [ F2C38CD7B6696566DA0C3485A41B43DC ] zgwhsdiag C:\WINDOWS\system32\DRIVERS\zgwhsdiag.sys
15:04:49.0994 0144 zgwhsdiag - ok
15:04:50.0025 0144 [ F2C38CD7B6696566DA0C3485A41B43DC ] zgwhsmdm C:\WINDOWS\system32\DRIVERS\zgwhsmdm.sys
15:04:50.0025 0144 zgwhsmdm - ok
15:04:50.0056 0144 [ F2C38CD7B6696566DA0C3485A41B43DC ] zgwhsnmea C:\WINDOWS\system32\DRIVERS\zgwhsnmea.sys
15:04:50.0056 0144 zgwhsnmea - ok
15:04:50.0072 0144 ================ Scan global ===============================
15:04:50.0087 0144 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:04:50.0119 0144 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:04:50.0134 0144 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:04:50.0150 0144 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
15:04:50.0150 0144 [Global] - ok
15:04:50.0150 0144 ================ Scan MBR ==================================
15:04:50.0166 0144 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:04:50.0416 0144 \Device\Harddisk0\DR0 - ok
15:04:50.0431 0144 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:04:50.0650 0144 \Device\Harddisk1\DR1 - ok
15:04:50.0650 0144 ================ Scan VBR ==================================
15:04:50.0650 0144 [ 47A27345603DE8AAFBB10CACD1E52955 ] \Device\Harddisk0\DR0\Partition1
15:04:50.0650 0144 \Device\Harddisk0\DR0\Partition1 - ok
15:04:50.0666 0144 [ 4DB32ACC7420546CAAEEC99D787489D6 ] \Device\Harddisk0\DR0\Partition2
15:04:50.0666 0144 \Device\Harddisk0\DR0\Partition2 - ok
15:04:50.0666 0144 [ A215977726450E8FD4E8EFAD087791D6 ] \Device\Harddisk1\DR1\Partition1
15:04:50.0666 0144 \Device\Harddisk1\DR1\Partition1 - ok
15:04:50.0681 0144 [ 740E4B7FA46340A356217A58A28757E0 ] \Device\Harddisk1\DR1\Partition2
15:04:50.0697 0144 \Device\Harddisk1\DR1\Partition2 - ok
15:04:50.0697 0144 ============================================================
15:04:50.0697 0144 Scan finished
15:04:50.0697 0144 ============================================================
15:04:50.0697 0184 Detected object count: 0
15:04:50.0697 0184 Actual detected object count: 0
15:06:59.0134 0128 Deinitialize success


aswMBR Log.


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-01 15:07:04
-----------------------------
15:07:04.244 OS Version: Windows 5.1.2600 Service Pack 3
15:07:04.244 Number of processors: 2 586 0x401
15:07:04.244 ComputerName: MUM-DADS-PC UserName:
15:07:04.712 Initialize success
15:12:07.228 AVAST engine defs: 12083102
15:12:21.447 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
15:12:21.447 Disk 0 Vendor: ST3160023AS 3.20 Size: 152627MB BusType: 3
15:12:21.447 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-19
15:12:21.447 Disk 1 Vendor: WDC_WD5000AAKS-22A7B0 01.03B01 Size: 476940MB BusType: 3
15:12:21.462 Disk 1 MBR read successfully
15:12:21.462 Disk 1 MBR scan
15:12:21.509 Disk 1 Windows XP default MBR code
15:12:21.509 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 99998 MB offset 63
15:12:21.525 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 376939 MB offset 204796620
15:12:21.541 Disk 1 scanning sectors +976768065
15:12:21.603 Disk 1 scanning C:\WINDOWS\system32\drivers
15:12:39.041 Service scanning
15:12:51.134 Service MpKsl3e73ea71 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6E594032-4873-4114-90CA-A250F5AB555A}\MpKsl3e73ea71.sys **LOCKED** 32
15:13:32.181 Modules scanning
15:13:35.447 Disk 1 trace - called modules:
15:13:35.478 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
15:13:35.478 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8bbd4ab8]
15:13:35.478 3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-19[0x8bbcdd98]
15:13:35.837 AVAST engine scan C:\WINDOWS
15:13:47.994 AVAST engine scan C:\WINDOWS\system32
15:17:48.041 AVAST engine scan C:\WINDOWS\system32\drivers
15:18:10.634 AVAST engine scan C:\Documents and Settings\**********
15:48:45.228 AVAST engine scan C:\Documents and Settings\All Users
16:02:58.041 Scan finished successfully
16:04:38.025 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\**********\Desktop\MBR.dat"
16:04:38.025 The log file has been saved successfully to "C:\Documents and Settings\**********\Desktop\aswMBR.txt"


ESET Log

D:\Documents and Settings\***********\My Documents\My Games\Games\Downloads\fractalheartss.exe multiple threats cleaned by deleting - quarantined
D:\VundoFix Backups\ddvofin.bak2.bad Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
D:\VundoFix Backups\ddvofin.ini.bad Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
D:\VundoFix Backups\ddvofin.ini2.bad Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
D:\WINDOWS\system32\fhkmp.tmp Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined

Everything was going well until I ran the ESET scan. On the 1st attempt it froze on a single file for well over 20 mins; it was a partial download of something from Aeria Games (it was about 5 gigs), so I deleted the folder and tried again. The 2nd attempt was going really well. It said 3 threats found and then the kids turned the computer off... The 3rd attempt finally completed; however, the threats listed aren't the same as the other 3 that were found on the 2nd attempt :(

Cheers,
E.

#4 narenxp

Posted 01 September 2012 - 05:26 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on Show Results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 ErazmusNZ

Posted 01 September 2012 - 10:06 PM

Hi Narenxp,

MBAM done.

Minitoolbox log.


MiniToolBox by Farbar Version: 23-07-2012
Ran by ******** (administrator) on 02-09-2012 at 14:56:15
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================





127.0.0.1 localhost
127.0.0.1 www.bebo.com
127.0.0.1 www.bearshare.com
127.0.0.1 www.alot.com
127.0.0.1 bebo.com
127.0.0.1 bearshare.com
127.0.0.1 alot.com
127.0.0.1 www.youtube123.com
127.0.0.1 youtube123.com
127.0.0.1 www.zillion.co.nz
127.0.0.1 www.huntingandfishing.co.nz
127.0.0.1 huntingandfishing.co.nz
127.0.0.1 zillion.co.nz
127.0.0.1 possumtraps.co.nz
127.0.0.1 www.possumtraps.co.nz
127.0.0.1 connovation.co.nz
127.0.0.1 www.connovation.co.nz
127.0.0.1 www.nopests.co.nz
127.0.0.1 www.nzhuntinginfo.com

There are 2 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

    Host Name . . . . . . . . . . . . : MUM-DADS-PC
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Mixed
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
    Physical Address. . . . . . . . . : 00-15-F2-55-FF-9D
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 10.1.1.7
    Subnet Mask . . . . . . . . . . . : 255.0.0.0
    IP Address. . . . . . . . . . . . : fe80::215:f2ff:fe55:ff9d%4
    Default Gateway . . . . . . . . . : 10.1.1.1
    DHCP Server . . . . . . . . . . . : 10.1.1.1
    DNS Servers . . . . . . . . . . . : 10.1.1.1
                                        fec0:0:0:ffff::1%1
                                        fec0:0:0:ffff::2%1
                                        fec0:0:0:ffff::3%1
    Lease Obtained. . . . . . . . . . : Sunday, 2 September 2012 2:34:05 p.m.
    Lease Expires . . . . . . . . . . : Sunday, 2 September 2012 3:34:05 p.m.

Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-FB-BF-34-52-38-EF
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 2001:0:4137:9e76:0:fbbf:3452:38ef
    IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%5
    Default Gateway . . . . . . . . . : ::
    NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 0A-01-01-07
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : fe80::5efe:10.1.1.7%2
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                        fec0:0:0:ffff::2%1
                                        fec0:0:0:ffff::3%1
    NetBIOS over Tcpip. . . . . . . . : Disabled

Server: mygateway1.ar7
Address: 10.1.1.1

Name: google.com
Addresses: 74.125.237.102, 74.125.237.103, 74.125.237.104, 74.125.237.105
    74.125.237.110, 74.125.237.96, 74.125.237.97, 74.125.237.98, 74.125.237.99
    74.125.237.100, 74.125.237.101

Pinging google.com [74.125.237.102] with 32 bytes of data:

Reply from 74.125.237.102: bytes=32 time=53ms TTL=55
Reply from 74.125.237.102: bytes=32 time=53ms TTL=55

Ping statistics for 74.125.237.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 53ms, Maximum = 53ms, Average = 53ms

Server: mygateway1.ar7
Address: 10.1.1.1

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=292ms TTL=48
Reply from 98.139.183.24: bytes=32 time=283ms TTL=48

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 283ms, Maximum = 292ms, Average = 287ms

Server: mygateway1.ar7
Address: 10.1.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 f2 55 ff 9d ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.1.1.1 10.1.1.7 20
10.0.0.0 255.0.0.0 10.1.1.7 10.1.1.7 20
10.1.1.7 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.1.1.7 10.1.1.7 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 10.1.1.7 10.1.1.7 20
224.0.0.0 240.0.0.0 10.1.1.7 10.1.1.7 20
255.255.255.255 255.255.255.255 10.1.1.7 10.1.1.7 1
Default Gateway: 10.1.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"

Catalog5 05 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"

Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/02/2012 01:16:52 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile, P4 4.0.1526.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (09/02/2012 10:01:06 AM) (Source: Application Error) (User: )
Description: Faulting application teatimer.exe, version 1.6.4.26, faulting module teatimer.exe, version 1.6.4.26, fault address 0x0006e60e.
Processing media-specific event for [teatimer.exe!ws!]

Error: (09/02/2012 06:30:37 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile, P4 4.0.1526.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (09/01/2012 08:31:34 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/01/2012 07:34:37 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/31/2012 08:40:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3789391

Error: (08/31/2012 08:40:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3789391

Error: (08/31/2012 08:40:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/26/2012 08:05:18 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/26/2012 08:05:17 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (09/02/2012 02:36:45 AM) (Source: 0) (User: )
Description: \Device\Harddisk1\D

Error: (08/31/2012 08:56:00 PM) (Source: Service Control Manager) (User: )
Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/31/2012 08:55:55 PM) (Source: Service Control Manager) (User: )
Description: The Indexing Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/31/2012 08:40:43 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 10.1.1.7 on the
Network Card with network address 0015F255FF9D.

Error: (08/31/2012 07:29:39 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.

Error: (08/30/2012 08:12:02 PM) (Source: Service Control Manager) (User: )
Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/30/2012 08:11:53 PM) (Source: Service Control Manager) (User: )
Description: The Indexing Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/28/2012 07:48:55 PM) (Source: Service Control Manager) (User: )
Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/28/2012 07:48:51 PM) (Source: Service Control Manager) (User: )
Description: The Indexing Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/28/2012 07:48:36 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.


Microsoft Office Sessions:
=========================
Error: (09/02/2012 01:16:52 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry2152759308unspecifiedscanfile4.0.1526.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)unspecifiedunspecifiedNILNILNIL

Error: (09/02/2012 10:01:06 AM) (Source: Application Error)(User: )
Description: teatimer.exe1.6.4.26teatimer.exe1.6.4.260006e60e

Error: (09/02/2012 06:30:37 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry2152759308unspecifiedscanfile4.0.1526.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)unspecifiedunspecifiedNILNILNIL

Error: (09/01/2012 08:31:34 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (09/01/2012 07:34:37 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/31/2012 08:40:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3789391

Error: (08/31/2012 08:40:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3789391

Error: (08/31/2012 08:40:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/26/2012 08:05:18 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/26/2012 08:05:17 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Acrobat.com (Version: 2.0.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Drive CS4 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Fonts All (Version: 2.0)
Adobe Illustrator CS4 (Version: 14.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Reader 9 (Version: 9.0.0)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
Agere Systems PCI Soft Modem
Aptana Studio 3 (Version: 3.0.0)
ArtRage 2 Starter Edition (Version: 2.6.0)
Auslogics Disk Defrag (Version: version 3.1)
Battlefield Heroes (********)
BDE_ENT (Version: 5.1.1)
Belkin Setup and Router Monitor
Bonjour (Version: 2.0.3.0)
Candy Land - Dora the Explorer Edition
Canon Easy-PhotoPrint EX
Canon MP Navigator EX 4.0
Canon MP280 series MP Drivers
Canon My Printer
Cars
Clone Wars
CodeSite Express 4.6.2 (Version: 4.0)
CollabNet Subversion Client 1.6.12 (Version: 1.6.12)
Company of Heroes (Version: 2.103.0)
Connect (Version: 1.0.0.1)
CorelDRAW Graphics Suite X4 - Capture (Version: 14.2)
CorelDRAW Graphics Suite X4 - Content (Version: 14.2)
CorelDRAW Graphics Suite X4 - Draw (Version: 14.2)
CorelDRAW Graphics Suite X4 - Filters (Version: 14.2)
CorelDRAW Graphics Suite X4 - FontNav (Version: 14.2)
CorelDRAW Graphics SUite X4 - ICA (Version: 14.2)
CorelDRAW Graphics Suite X4 - IPM (Version: 14.2)
CorelDRAW Graphics Suite X4 - Lang EN (Version: 14.2)
CorelDRAW Graphics Suite X4 - PP (Version: 14.2)
CorelDRAW Graphics Suite X4 - VBA (Version: 14.2)
CorelDRAW Graphics Suite X4 (Version: 14.2)
CorelDRAW® Graphics Suite X4
CorelDRAW® Graphics Suite X4 - Windows Shell Extension
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (Version: 1.1)
CPUID CPU-Z 1.58
Critical Update for Windows Media Player 11 (KB959772)
D-Link DSL-200 ADSL Modem
Diablo III (Version: 1.0.4.11327)
Dora's Big Birthday Adventure (Version: 32.0.0.0)
Dora the Explorer: Swiper's Big Adventure (Version: 32.0.0.0)
Embarcadero RAD Studio XE
Embarcadero RAD Studio XE (Version: 8.0)
Emsisoft Anti-Malware (Version: 6.0)
EPSON Printer Software
ESET Online Scanner v3
FastStone Capture 6.7 (Version: 6.7)
Fiddler2 (Version: 2.3.2.7)
FinalBuilder 7.0.0.761 Embarcadero Edition (Version: 7.0.0.761)
Fraps
GIMP 2.6.6
Google Chrome (Version: 21.0.1180.83)
HD Writer 2.5E for HDC (Version: 2.5.016.1033)
Hyperspace Invader version 2.40
iMesh (Version: 10.0.0.85069)
iTunes (Version: 10.0.1.22)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
kuler (Version: 2.0)
League of Legends (Version: 1.3)
Lexmark 2300 Series
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MDR WTides (Version: 3.1.7.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Monster Truck Madness 2
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
mIRC (Version: 6.34)
Morpheus Photo Morpher v3.10
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mumble 1.2.3 (Version: 1.2.3)
Nokia Connectivity Cable Driver (Version: 7.1.22.0)
Nokia PC Suite (Version: 7.1.40.1)
Norton Security Scan (Version: 3.7.2.5)
Notepad++ (Version: 5.9.8)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA nView 136.27 (Version: 136.27)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
Oiko CSS editor 1.0 RC3 (Version: 1.0 RC3)
OpenOffice.org 3.0 (Version: 3.0.9379)
Pac-Man Adventures in Time
PC Connectivity Solution (Version: 9.44.0.3)
PDF Settings CS4 (Version: 9.0)
Photoshop Camera Raw (Version: 5.0)
Picasa 3 (Version: 3.1)
PSGame_CB
PunkBuster Services (Version: 0.990)
Quake Live Internet Explorer Plugin (Version: 1.0.520)
Quake Live Mozilla Plugin (Version: 1.0.520)
QuickTime (Version: 7.68.75.0)
Rave Reports 9.0.0 BE
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.23.0000)
Realtek High Definition Audio Driver
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 (Version: 3.0.0.71206)
Samsung PC Studio 3 (Version: 3.2.2.80705)
SequoiaView
Sesame Street First Steps (remove only)
Sins of a Solar Empire
Sins of a Solar Empire (Version: 1.00.00)
Skype™ 5.10 (Version: 5.10.116)
SolveigMM AVI Trimmer (Version: 1.6.901.20)
Spybot - Search & Destroy (Version: 1.6.2)
Star Defender 3 (Version: )
Steam (Version: 1.0.0.0)
Suite Shared Configuration CS4 (Version: 1.0)
Team Fortress 2
Telecom JoinME (Version: 2.0.3.0)
TextPad 5 (Version: 5.2.0)
Titan Quest (Version: 1.00.0000)
Tux Paint 0.9.21
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Internet Explorer 8 (KB972636) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Ventrilo Client (Version: 3.0.5)
VideoLAN VLC media player 0.8.6i (Version: 0.8.6i)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
WebFldrs XP (Version: 9.50.6513)
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4) (Version: 06/01/2009 7.01.0.4)
Windows Driver Package - Nokia Modem (10/05/2009 4.2) (Version: 10/05/2009 4.2)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
Xfire (remove only)
Xvid MPEG-4 Video Codec
Zoo Vet 2 (Version: 1.0.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 3199.29 MB
Available physical RAM: 2059.43 MB
Total Pagefile: 5084.23 MB
Available Pagefile: 4079.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.98 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:97.65 GB) (Free:8.69 GB) NTFS
2 Drive d: () (Fixed) (Total:144.79 GB) (Free:75.92 GB) NTFS
3 Drive i: (New Volume) (Fixed) (Total:368.1 GB) (Free:110.75 GB) NTFS
4 Drive j: (SECOND DISK) (Fixed) (Total:4.24 GB) (Free:1.54 GB) FAT32

========================= Users: ========================================

User accounts for \\MUM-DADS-PC

Administrator ASPNET ********
Guest HelpAssistant SUPPORT_388945a0
UpdatusUser


**** End of log ****

FSS log.

Farbar Service Scanner Version: 06-08-2012
Ran by ******** (administrator) on 02-09-2012 at 15:02:48
Running from "C:\Documents and Settings\********\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) Tcpip6(8)
0x080000000500000001000000020000000300000004000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

Can't run adware cleaner, get a 404 from the link provided?

Cheers,
E.

#6 narenxp

Posted 01 September 2012 - 10:07 PM

Use this

http://www.bleepstatic.com/fhost/uploads/1/adwcleaner.exe

#7 ErazmusNZ

Posted 01 September 2012 - 10:59 PM

Gah same thing, 404.

#8 narenxp

Posted 01 September 2012 - 11:02 PM

Try again

#9 ErazmusNZ

Posted 01 September 2012 - 11:22 PM

Excellent, all good now :)

adware cleaner log.


# AdwCleaner v2.000 - Logfile created 09/02/2012 at 16:16:43
# Updated 30/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : ********** - MUM-DADS-PC
# Boot Mode : Normal
# Running from : C:\Documents and Settings\********\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
Folder Deleted : C:\Documents and Settings\**********\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\**********\Local Settings\Application Data\XfireXO
Folder Deleted : C:\Program Files\XfireXO

***** [Registry] *****

Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2886E672-6101-4F75-B2CA-68435F08660F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2886E672-6101-4F75-B2CA-68435F08660F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\XfireXO
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2886E672-6101-4F75-B2CA-68435F08660F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1678857
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2304157
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA734AEF-7BE5-42CA-9FDA-9BFB63223051}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C85A84F2-8451-4747-80FD-560406EC76E4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2886E672-6101-4F75-B2CA-68435F08660F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XfireXO Toolbar
Key Deleted : HKLM\Software\XfireXO
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-21-842925246-1336601894-725345543-1007\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=48a9cd8200000000000000112ff48dc7&tlver=1.4.19.19&ss=1&affID=17980 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\**********\Application Data\Mozilla\Firefox\Profiles\2fnvzas1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Documents and Settings\**********\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7098 octets] - [02/09/2012 16:16:43]

########## EOF - C:\AdwCleaner[S1].txt - [7158 octets] ##########

#10 narenxp

Posted 01 September 2012 - 11:24 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

Any current issues?

#11 ErazmusNZ

Posted 01 September 2012 - 11:30 PM

All seems good as far as accessing google services go. Thanks heaps.

I might give the system a good defrag afterwards as for some reason it now takes about 2 mins+ just to load my desktop icons at startup. MsMpEng.exe seems to peak at about 98% CPU around the same time which is the MS Sec Essentials right?

RKill log.


Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/02/2012 04:26:04 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* Background Intelligent Transfer Service (BITS) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/02/2012 04:26:43 PM
Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)

#12 narenxp

Posted 01 September 2012 - 11:33 PM

MsMpEng.exe seems to peak at about 98% CPU around the same time which is the MS Sec Essentials right?


Probably it's updating. Restart the PC twice or thrice and see if it stabilizes.

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.

Turn off your System Restore, restart the PC, and create a new restore point.

http://support.microsoft.com/kb/310405

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#13 ErazmusNZ

Posted 02 September 2012 - 02:31 AM

Thanks heaps :)

#14 narenxp

Posted 02 September 2012 - 07:59 AM

You're welcome :)



