Constant sponsored ads and redirects


5 replies to this topic

#1 mikeblac

Posted 10 September 2012 - 07:46 PM

Seems that I am infected with something that AVG, SAS, and Malwarebytes can not uncover. What used to be a pleasant browsing experience has become a nightmare. The sites that used to load in 5 seconds now take 2-3 minutes. My work sites are not immune from this; it seems that any site I go to is delayed due to "sponsored ads" and other popups. I have tried many other things, but nothing seems to work. If I could afford it, I would take this laptop and run over it with the truck and be done. But....that is not an option.

I have run the check listed, and the results are below. Any help is greatly appreciated! I am only a basic user, so may need detailed instructions, if anyone can assist.

Results of screen317's Security Check version 0.99.50
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
AOL Spyware Protection
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.62.0.1300
AVG PC Tuneup 2011
Java™ 6 Update 29
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 7 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 8%
````````````````````End of Log``````````````````````




Thanks,
Mike

#2 narenxp

Posted 10 September 2012 - 09:02 PM

Download TDSSKiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 mikeblac

Posted 17 September 2012 - 02:26 PM

Thanks for the help.

Here are the logs you requested.

09:44:07.0702 2268 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:44:13.0686 2268 ============================================================
09:44:13.0686 2268 Current date / time: 2012/09/17 09:44:13.0686
09:44:13.0686 2268 SystemInfo:
09:44:13.0686 2268
09:44:13.0686 2268 OS Version: 5.1.2600 ServicePack: 3.0
09:44:13.0686 2268 Product type: Workstation
09:44:13.0686 2268 ComputerName: MIKE
09:44:13.0686 2268 UserName: Owner
09:44:13.0686 2268 Windows directory: C:\WINDOWS
09:44:13.0686 2268 System windows directory: C:\WINDOWS
09:44:13.0686 2268 Processor architecture: Intel x86
09:44:13.0686 2268 Number of processors: 1
09:44:13.0686 2268 Page size: 0x1000
09:44:13.0686 2268 Boot type: Normal boot
09:44:13.0686 2268 ============================================================
09:44:16.0108 2268 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:44:16.0124 2268 ============================================================
09:44:16.0124 2268 \Device\Harddisk0\DR0:
09:44:16.0124 2268 MBR partitions:
09:44:16.0124 2268 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x8AFD77, BlocksNum 0x8C5A889
09:44:16.0124 2268 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x8AFD38
09:44:16.0124 2268 ============================================================
09:44:16.0171 2268 C: <-> \Device\Harddisk0\DR0\Partition1
09:44:16.0171 2268 D: <-> \Device\Harddisk0\DR0\Partition2
09:44:16.0171 2268 ============================================================
09:44:16.0171 2268 Initialize success
09:44:16.0171 2268 ============================================================
09:44:43.0702 2604 ============================================================
09:44:43.0702 2604 Scan started
09:44:43.0702 2604 Mode: Manual; TDLFS;
09:44:43.0702 2604 ============================================================
09:44:46.0624 2604 ================ Scan system memory ========================
09:44:46.0624 2604 System memory - ok
09:45:10.0624 2604 PCLEPCI - ok
09:45:10.0671 2604 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
09:45:10.0671 2604 Pcmcia - ok
09:45:10.0702 2604 PDCOMP - ok
09:45:10.0718 2604 PDFRAME - ok
09:45:10.0733 2604 PDRELI - ok
09:45:10.0765 2604 PDRFRAME - ok
09:45:10.0780 2604 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
09:45:10.0796 2604 perc2 - ok
09:45:10.0811 2604 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:45:10.0811 2604 perc2hib - ok
09:45:10.0921 2604 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
09:45:10.0921 2604 PlugPlay - ok
09:45:10.0952 2604 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
09:45:10.0952 2604 PolicyAgent - ok
09:45:10.0968 2604 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:45:11.0015 2604 PptpMiniport - ok
09:45:11.0077 2604 [ 33D7285F12D934268A34206DFC4AD1B3 ] PrismXL C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
09:45:11.0077 2604 PrismXL - ok
09:45:11.0140 2604 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
09:45:11.0233 2604 Processor - ok
09:45:11.0249 2604 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:45:11.0249 2604 ProtectedStorage - ok
09:45:11.0265 2604 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
09:45:11.0280 2604 PSched - ok
09:45:11.0343 2604 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:45:11.0374 2604 Ptilink - ok
09:45:11.0436 2604 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:45:11.0436 2604 PxHelp20 - ok
09:45:11.0452 2604 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:45:11.0452 2604 ql1080 - ok
09:45:11.0468 2604 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:45:11.0468 2604 Ql10wnt - ok
09:45:11.0483 2604 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:45:11.0499 2604 ql12160 - ok
09:45:11.0515 2604 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:45:11.0515 2604 ql1240 - ok
09:45:11.0530 2604 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:45:11.0530 2604 ql1280 - ok
09:45:11.0577 2604 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:45:11.0655 2604 RasAcd - ok
09:45:11.0702 2604 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:45:11.0718 2604 RasAuto - ok
09:45:11.0733 2604 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:45:11.0796 2604 Rasl2tp - ok
09:45:11.0858 2604 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:45:11.0874 2604 RasMan - ok
09:45:11.0890 2604 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:45:11.0983 2604 RasPppoe - ok
09:45:12.0046 2604 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:45:12.0061 2604 Raspti - ok
09:45:12.0108 2604 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:45:12.0108 2604 Rdbss - ok
09:45:12.0155 2604 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:45:12.0171 2604 RDPCDD - ok
09:45:12.0202 2604 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:45:12.0218 2604 rdpdr - ok
09:45:12.0280 2604 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:45:12.0296 2604 RDPWD - ok
09:45:12.0358 2604 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:45:12.0358 2604 RDSessMgr - ok
09:45:12.0421 2604 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:45:12.0499 2604 redbook - ok
09:45:12.0546 2604 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:45:12.0546 2604 RemoteAccess - ok
09:45:12.0608 2604 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:45:12.0608 2604 RemoteRegistry - ok
09:45:12.0640 2604 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
09:45:12.0655 2604 RpcLocator - ok
09:45:12.0702 2604 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:45:12.0718 2604 RpcSs - ok
09:45:12.0780 2604 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
09:45:12.0796 2604 RSVP - ok
09:45:12.0827 2604 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
09:45:12.0827 2604 SamSs - ok
09:45:12.0921 2604 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
09:45:12.0921 2604 SASDIFSV - ok
09:45:12.0983 2604 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
09:45:12.0983 2604 SASKUTIL - ok
09:45:13.0030 2604 [ F5A633609777C212EC5FF19927FC5955 ] ScanUSBEMPIA C:\WINDOWS\system32\DRIVERS\emScan.sys
09:45:13.0108 2604 ScanUSBEMPIA - ok
09:45:13.0171 2604 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:45:13.0171 2604 SCardSvr - ok
09:45:13.0233 2604 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:45:13.0249 2604 Schedule - ok
09:45:13.0311 2604 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:45:13.0405 2604 Secdrv - ok
09:45:13.0452 2604 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:45:13.0452 2604 seclogon - ok
09:45:13.0499 2604 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
09:45:13.0499 2604 SENS - ok
09:45:13.0546 2604 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
09:45:13.0577 2604 Serial - ok
09:45:13.0671 2604 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:45:13.0718 2604 Sfloppy - ok
09:45:13.0780 2604 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:45:13.0796 2604 SharedAccess - ok
09:45:13.0827 2604 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:45:13.0843 2604 ShellHWDetection - ok
09:45:13.0858 2604 Simbad - ok
09:45:13.0905 2604 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:45:13.0921 2604 sisagp - ok
09:45:13.0968 2604 [ 886DBE1E6DE104591E8B7334B6D42ED8 ] slabbus C:\WINDOWS\system32\DRIVERS\slabbus.sys
09:45:14.0108 2604 slabbus - ok
09:45:14.0171 2604 [ 2F3A6EEBBBBB158CAAA78790FD49E7C3 ] slabser C:\WINDOWS\system32\DRIVERS\slabser.sys
09:45:14.0296 2604 slabser - ok
09:45:14.0358 2604 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:45:14.0405 2604 SLIP - ok
09:45:14.0499 2604 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:45:14.0499 2604 Sparrow - ok
09:45:14.0546 2604 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:45:14.0561 2604 splitter - ok
09:45:14.0624 2604 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:45:14.0624 2604 Spooler - ok
09:45:14.0655 2604 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:45:14.0671 2604 sr - ok
09:45:14.0718 2604 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
09:45:14.0718 2604 srservice - ok
09:45:14.0811 2604 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:45:14.0843 2604 Srv - ok
09:45:14.0905 2604 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:45:14.0905 2604 SSDPSRV - ok
09:45:14.0983 2604 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:45:14.0999 2604 stisvc - ok
09:45:15.0046 2604 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:45:15.0093 2604 streamip - ok
09:45:15.0171 2604 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:45:15.0218 2604 swenum - ok
09:45:15.0265 2604 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:45:15.0265 2604 swmidi - ok
09:45:15.0296 2604 SwPrv - ok
09:45:15.0358 2604 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
09:45:15.0358 2604 symc810 - ok
09:45:15.0374 2604 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:45:15.0390 2604 symc8xx - ok
09:45:15.0405 2604 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:45:15.0405 2604 sym_hi - ok
09:45:15.0436 2604 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:45:15.0436 2604 sym_u3 - ok
09:45:15.0483 2604 [ EB363DDFBE8B6D51003CCAB29D93D744 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
09:45:15.0593 2604 SynTP - ok
09:45:15.0608 2604 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:45:15.0624 2604 sysaudio - ok
09:45:15.0671 2604 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:45:15.0686 2604 SysmonLog - ok
09:45:15.0749 2604 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:45:15.0765 2604 TapiSrv - ok
09:45:15.0827 2604 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:45:15.0858 2604 Tcpip - ok
09:45:15.0905 2604 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:45:15.0983 2604 TDPIPE - ok
09:45:16.0030 2604 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:45:16.0046 2604 TDTCP - ok
09:45:16.0077 2604 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:45:16.0108 2604 TermDD - ok
09:45:16.0218 2604 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
09:45:16.0218 2604 TermService - ok
09:45:16.0265 2604 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
09:45:16.0265 2604 Themes - ok
09:45:16.0327 2604 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
09:45:16.0343 2604 TlntSvr - ok
09:45:16.0374 2604 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
09:45:16.0374 2604 TosIde - ok
09:45:16.0421 2604 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:45:16.0452 2604 TrkWks - ok
09:45:16.0515 2604 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:45:16.0546 2604 Udfs - ok
09:45:16.0561 2604 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
09:45:16.0561 2604 ultra - ok
09:45:16.0858 2604 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
09:45:16.0983 2604 Update - ok
09:45:17.0046 2604 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
09:45:17.0061 2604 upnphost - ok
09:45:17.0108 2604 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
09:45:17.0108 2604 UPS - ok
09:45:17.0171 2604 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:45:17.0202 2604 usbccgp - ok
09:45:17.0249 2604 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:45:17.0296 2604 usbehci - ok
09:45:17.0343 2604 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:45:17.0405 2604 usbhub - ok
09:45:17.0452 2604 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
09:45:17.0561 2604 usbohci - ok
09:45:17.0593 2604 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:45:17.0671 2604 usbprint - ok
09:45:17.0733 2604 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:45:17.0780 2604 usbscan - ok
09:45:17.0827 2604 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:45:17.0890 2604 usbstor - ok
09:45:17.0936 2604 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:45:17.0968 2604 usbuhci - ok
09:45:18.0015 2604 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:45:18.0077 2604 VgaSave - ok
09:45:18.0140 2604 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:45:18.0140 2604 viaagp - ok
09:45:18.0186 2604 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
09:45:18.0186 2604 ViaIde - ok
09:45:18.0202 2604 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:45:18.0218 2604 VolSnap - ok
09:45:18.0265 2604 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
09:45:18.0280 2604 VSS - ok
09:45:18.0421 2604 [ 8ED347BAD8D1FB7C40B593BFB01786D2 ] vToolbarUpdater11.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
09:45:18.0515 2604 vToolbarUpdater11.2.0 - ok
09:45:18.0577 2604 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
09:45:18.0593 2604 W32Time - ok
09:45:18.0624 2604 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:45:18.0749 2604 Wanarp - ok
09:45:18.0796 2604 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
09:45:18.0936 2604 wanatw - ok
09:45:19.0030 2604 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:45:19.0093 2604 Wdf01000 - ok
09:45:19.0108 2604 WDICA - ok
09:45:19.0171 2604 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:45:19.0171 2604 wdmaud - ok
09:45:19.0233 2604 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:45:19.0233 2604 WebClient - ok
09:45:19.0311 2604 [ 473EE64C368CE2EED110376C11960259 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:45:19.0452 2604 winachsf - ok
09:45:19.0546 2604 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:45:19.0546 2604 winmgmt - ok
09:45:19.0640 2604 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:45:19.0640 2604 WmdmPmSN - ok
09:45:19.0718 2604 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
09:45:19.0765 2604 Wmi - ok
09:45:19.0843 2604 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:45:19.0936 2604 WmiApSrv - ok
09:45:20.0108 2604 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
09:45:20.0296 2604 WMPNetworkSvc - ok
09:45:20.0436 2604 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:45:20.0608 2604 WPFFontCache_v0400 - ok
09:45:20.0686 2604 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:45:20.0702 2604 WS2IFSL - ok
09:45:20.0827 2604 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:45:20.0843 2604 wscsvc - ok
09:45:20.0905 2604 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:45:20.0936 2604 WSTCODEC - ok
09:45:20.0999 2604 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:45:20.0999 2604 wuauserv - ok
09:45:21.0061 2604 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:45:21.0265 2604 WudfPf - ok
09:45:21.0311 2604 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:45:21.0358 2604 WudfRd - ok
09:45:21.0436 2604 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
09:45:21.0436 2604 WudfSvc - ok
09:45:21.0530 2604 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:45:21.0561 2604 WZCSVC - ok
09:45:21.0608 2604 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:45:21.0640 2604 xmlprov - ok
09:45:21.0702 2604 [ E279C4E1287751DFFA0A1F3EC4097491 ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
09:45:21.0718 2604 yukonwxp - ok
09:45:21.0780 2604 ================ Scan global ===============================
09:45:21.0827 2604 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:45:21.0921 2604 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:45:21.0968 2604 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:45:21.0999 2604 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:45:22.0015 2604 [Global] - ok
09:45:22.0015 2604 ================ Scan MBR ==================================
09:45:22.0046 2604 [ B20939CD98B7710036274839082AE757 ] \Device\Harddisk0\DR0
09:45:22.0108 2604 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
09:45:22.0108 2604 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
09:45:22.0186 2604 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:45:22.0186 2604 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:45:22.0202 2604 ================ Scan VBR ==================================
09:45:22.0202 2604 [ F4A9E849F8E041A4F693973E7F163C78 ] \Device\Harddisk0\DR0\Partition1
09:45:22.0218 2604 \Device\Harddisk0\DR0\Partition1 - ok
09:45:22.0233 2604 [ 0817A4F41572AEA9B3865A20F6D06420 ] \Device\Harddisk0\DR0\Partition2
09:45:22.0233 2604 \Device\Harddisk0\DR0\Partition2 - ok
09:45:22.0233 2604 ============================================================
09:45:22.0233 2604 Scan finished
09:45:22.0233 2604 ============================================================
09:45:22.0265 2576 Detected object count: 2
09:45:22.0265 2576 Actual detected object count: 2
09:45:46.0608 2576 \Device\Harddisk0\DR0\# - copied to quarantine
09:45:46.0624 2576 \Device\Harddisk0\DR0 - copied to quarantine
09:45:46.0702 2576 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
09:45:46.0718 2576 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
09:45:46.0749 2576 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
09:45:46.0780 2576 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
09:45:46.0827 2576 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
09:45:46.0843 2576 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
09:45:46.0999 2576 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
09:45:47.0030 2576 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
09:45:47.0061 2576 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
09:45:47.0061 2576 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
09:45:47.0061 2576 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
09:45:47.0077 2576 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
09:45:47.0077 2576 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
09:45:47.0108 2576 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
09:45:47.0124 2576 \Device\Harddisk0\DR0 - ok
09:45:47.0124 2576 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
09:45:47.0140 2576 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:45:47.0140 2576 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
09:46:01.0233 1688 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-17 09:47:41
-----------------------------
09:47:41.374 OS Version: Windows 5.1.2600 Service Pack 3
09:47:41.374 Number of processors: 1 586 0x2402
09:47:41.374 ComputerName: MIKE UserName:
09:47:43.296 Initialize success
09:51:49.796 AVAST engine defs: 12091400
09:51:58.421 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
09:51:58.421 Disk 0 Vendor: FUJITSU_MHV2080AT_PL 000000A0 Size: 76319MB BusType: 3
09:51:58.468 Disk 0 MBR read successfully
09:51:58.468 Disk 0 MBR scan
09:51:59.905 Disk 0 unknown MBR code
09:51:59.921 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 71861 MB offset 9108855
09:52:01.515 Disk 0 Partition 2 00 0B FAT32 RECOVERY 4447 MB offset 63
09:52:03.030 Disk 0 scanning sectors +156280320
09:52:04.093 Disk 0 scanning C:\WINDOWS\system32\drivers
09:53:00.983 Service scanning
09:53:40.890 Modules scanning
09:53:56.796 Disk 0 trace - called modules:
09:53:56.811 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x83d277d8]<<
09:53:57.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84d71030]
09:53:57.343 3 CLASSPNP.SYS[f771efd7] -> nt!IofCallDriver -> \Device\000000a5[0x84de1478]
09:53:57.358 5 ACPI.sys[f7535620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x84d61030]
09:53:57.358 \Driver\atapi[0x84de1b30] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x83d277d8
09:53:58.702 AVAST engine scan C:\WINDOWS
09:54:28.515 AVAST engine scan C:\WINDOWS\system32
10:01:25.546 AVAST engine scan C:\WINDOWS\system32\drivers
10:01:50.890 AVAST engine scan C:\Documents and Settings\Owner.Mike
10:36:10.483 AVAST engine scan C:\Documents and Settings\All Users
10:41:26.843 Scan finished successfully
10:50:30.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner.Mike\Desktop\MBR.dat"
10:50:30.718 The log file has been saved successfully to "C:\Documents and Settings\Owner.Mike\Desktop\aswmbr log.txt"


C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe a variant of Win32/1AntiVirus application cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-2184955269-1971560106-2858983886-1006\Dc1988.exe a variant of Win32/1AntiVirus application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\17.09.2012_09.44.13\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\17.09.2012_09.44.13\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\17.09.2012_09.44.13\mbr0000\tdlfs0000\tsk0004.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\17.09.2012_09.44.13\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\17.09.2012_09.44.13\mbr0000\tdlfs0000\tsk0006.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\17.09.2012_09.44.13\mbr0000\tdlfs0000\tsk0007.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\17.09.2012_09.44.13\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\17.09.2012_09.44.13\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\WINDOWS\system32\drivers\etc\hosts Win32/Qhost trojan cleaned by deleting (after the next restart) - quarantined


Thanks,
Mike

#4 narenxp


  • BC Advisor

Posted 17 September 2012 - 10:53 PM

09:45:47.0140 2576 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


Run TDSSkiller again and select DELETE

Post the new log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 mikeblac

  • Topic Starter


Posted 18 September 2012 - 11:56 AM

Thanks.

I ran TDSSkiller again - and it comes up with nothing detected.

Also ran MBAM - with no threats detected. Lost the log, as the computer froze after I copied it to this message.

MiniToolBox by Farbar Version: 23-07-2012
Ran by Owner (administrator) on 18-09-2012 at 12:48:25
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Broadcom 802.11g Network Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : Mike

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : Home



Ethernet adapter Wireless Network Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter

Physical Address. . . . . . . . . : 00-C0-A8-AD-AB-E7



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : Home

Description . . . . . . . . . . . : Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller

Physical Address. . . . . . . . . : 00-03-25-34-DD-08

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.254.1

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.254.254

DHCP Server . . . . . . . . . . . : 192.168.254.254

DNS Servers . . . . . . . . . . . : 192.168.254.254

Lease Obtained. . . . . . . . . . : Tuesday, September 18, 2012 7:03:57 AM

Lease Expires . . . . . . . . . . : Tuesday, March 10, 2020 10:03:57 PM

Server: MyRouter.Home
Address: 192.168.254.254

Name: google.com
Addresses: 74.125.139.138, 74.125.139.139, 74.125.139.100, 74.125.139.101
74.125.139.102, 74.125.139.113



Pinging google.com [74.125.139.138] with 32 bytes of data:



Reply from 74.125.139.138: bytes=32 time=37ms TTL=49

Reply from 74.125.139.138: bytes=32 time=35ms TTL=49



Ping statistics for 74.125.139.138:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 35ms, Maximum = 37ms, Average = 36ms

Server: MyRouter.Home
Address: 192.168.254.254

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=137ms TTL=46

Reply from 98.138.253.109: bytes=32 time=94ms TTL=46



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 94ms, Maximum = 137ms, Average = 115ms

Server: MyRouter.Home
Address: 192.168.254.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 c0 a8 ad ab e7 ...... Broadcom 802.11g Network Adapter - Packet Scheduler Miniport
0x3 ...00 03 25 34 dd 08 ...... Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.254.254 192.168.254.1 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.254.0 255.255.255.0 192.168.254.1 192.168.254.1 20
192.168.254.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.254.255 255.255.255.255 192.168.254.1 192.168.254.1 20
224.0.0.0 240.0.0.0 192.168.254.1 192.168.254.1 20
255.255.255.255 255.255.255.255 192.168.254.1 192.168.254.1 1
255.255.255.255 255.255.255.255 192.168.254.1 2 1
Default Gateway: 192.168.254.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/18/2012 00:39:32 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module avgdtiex.dll, version 12.0.0.2215, fault address 0x00010b1b.
Processing media-specific event for [iexplore.exe!ws!]

Error: (09/17/2012 09:46:17 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module avgdtiex.dll, version 12.0.0.2215, fault address 0x00010b1b.
Processing media-specific event for [iexplore.exe!ws!]

Error: (09/12/2012 08:24:00 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/12/2012 08:21:34 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [iexplore.exe!ws!]

Error: (09/12/2012 07:46:39 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/12/2012 07:44:48 PM) (Source: Application Error) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]

Error: (09/12/2012 07:43:51 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module avgdtiex.dll, version 12.0.0.2215, fault address 0x00010b1b.
Processing media-specific event for [iexplore.exe!ws!]

Error: (09/12/2012 08:51:09 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module avgdtiex.dll, version 12.0.0.2215, fault address 0x00010b1b.
Processing media-specific event for [iexplore.exe!ws!]

Error: (09/12/2012 08:49:47 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x02029473.
Processing media-specific event for [iexplore.exe!ws!]

Error: (09/09/2012 08:50:49 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module avgdtiex.dll, version 12.0.0.2187, fault address 0x00010cdb.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (09/18/2012 11:40:35 AM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/18/2012 07:04:54 AM) (Source: Service Control Manager) (User: )
Description: The lxdmCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (09/18/2012 07:04:54 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the lxdmCATSCustConnectService service to connect.

Error: (09/17/2012 06:48:40 PM) (Source: DCOM) (User: MIKE)
Description: The server {0228576F-6E6C-4E1A-B175-0E46A316AFE2} did not register with DCOM within the required timeout.

Error: (09/17/2012 05:02:08 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
abp480n5
adpu160m
agp440
agpCPQ
Aha154x
aic78u2
aic78xx
AliIde
alim1541
amdagp
amsint
asc
asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error: (09/17/2012 05:02:01 PM) (Source: Service Control Manager) (User: )
Description: The lxdmCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (09/17/2012 05:02:01 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the lxdmCATSCustConnectService service to connect.

Error: (09/17/2012 07:49:25 AM) (Source: Service Control Manager) (User: )
Description: The lxdmCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (09/17/2012 07:49:25 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the lxdmCATSCustConnectService service to connect.

Error: (09/16/2012 08:27:09 AM) (Source: Service Control Manager) (User: )
Description: The lxdmCATSCustConnectService service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

ABBYY FineReader 6.0 Sprint (Version: 6.00.1990.41618)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Reader 7.0 (Version: 7.0.0)
America Online (Choose which version to remove)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Spyware Protection (Version: 1.0.76)
AOL You've Got Pictures Screensaver
Ask Toolbar (Version: 1.12.2.0)
Athlon 64 Processor Driver (Version: 1.1.0.18)
ATI - Software Uninstall Utility (Version: 6.14.10.1012)
ATI Control Panel (Version: 6.14.10.5150)
ATI Display Driver (Version: 8.13-050414a2-023105C)
AutoUpdate (Version: 1.0)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2221)
AVG PC Tuneup 2011 (Version: 10.0.0.26)
Conexant AC-Link Audio
CP2101 USB to UART Bridge Controller
CutePDF Writer 2.8
Deer Hunter 2004 - Legendary Hunting
Digital Media Reader (Version: 1.02)
DiscAPI (Studio 10) (Version: 2.10.0060)
DivX (Version: 5.2.1)
ESET Online Scanner v3
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
Free Picture Resize Starter 4.5 (Version: 5.5.18)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.1)
Google Chrome (Version: 21.0.1180.89)
Google Gmail Notifier
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.123)
HiJackThis (Version: 1.0.0)
J2SE Runtime Environment 5.0 Update 2 (Version: 1.5.0.20)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Lexmark 5000 Series
Lexmark Toolbar (Version: 4.13.37.0)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Digital Image Starter Edition 2006 (Version: 11.0.0422)
Microsoft Digital Image Starter Edition 2006 Editor (Version: 11.0.0422)
Microsoft Digital Image Starter Edition 2006 Library (Version: 11.0.0422)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money 2005 (Version: 14)
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.04.0623)
MSN
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Napster (Version: 3.0.3.7)
Napster Burn Engine (Version: 2.5.0000)
Nero BurnRights
Nero OEM
Picasa 3 (Version: 3.8)
Pinnacle Instant DVD Recorder (Version: 2.00.103)
PowerDVD
proDAD Heroglyph 2.5
Pure Networks Port Magic (Version: 1.2.1393.0)
QuickTime
RAPID (Studio 10) (Version: 1.00.0004)
RealPlayer Basic
Recovery Software Suite Gateway (Version: 1.00.0000)
Remote Control USB Driver (Version: 2.3.2.317)
SkyCaddie Desktop
SmartSound Quicktracks Plugin (Version: 3.0.2.7)
Soft Data Fax Modem with SmartCP
Sonic Encoders (Version: 1.00)
Studio 10 (Version: 10.5)
Studio 10 Bonus DVD (Version: 10.0.000)
SUPERAntiSpyware (Version: 5.0.1142)
SymmTime (Version: 2007.00.0000)
Synaptics Pointing Device Driver (Version: 7.12.3.0)
The Rosetta Stone
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Viewpoint Media Player
WebFldrs XP (Version: 9.50.7523)
Windows Backup Utility (Version: 5.1)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 446.23 MB
Available physical RAM: 127.45 MB
Total Pagefile: 1216.7 MB
Available Pagefile: 478.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.1 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:70.18 GB) (Free:30.45 GB) NTFS
2 Drive d: () (Fixed) (Total:4.33 GB) (Free:2.37 GB) FAT32

========================= Users: ========================================

User accounts for \\MIKE

Administrator ASPNET Guest
HelpAssistant Owner SUPPORT_388945a0


**** End of log ****


Farbar Service Scanner Version: 06-08-2012
Ran by Owner (administrator) on 18-09-2012 at 12:52:27
Running from "C:\Documents and Settings\Owner.Mike\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Avgtdix(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000800000009000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

# AdwCleaner v2.002 - Logfile created 09/18/2012 at 12:55:12
# Updated 16/09/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - MIKE
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner.Mike\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : vToolbarUpdater11.2.0

***** [Files / Folders] *****

File Found : C:\WINDOWS\system32\Uninstall.exe
File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\Viewpoint
Folder Found : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={393F062F-9ACD-49B6-9B01-6B5E365667AA}&mid=72246381d22a57d62f0a275ebf553cf7-b602d594afd2b0b327e07a06f36ca6a7e42546d0&lang=en&ds=AVG&pr=fr&d=2012-06-05 20:26:01&v=11.1.0.12&sap=nt

-\\ Google Chrome v21.0.1180.89

*************************

AdwCleaner[R1].txt - [8699 octets] - [18/09/2012 12:55:12]

########## EOF - C:\AdwCleaner[R1].txt - [8759 octets] ##########

#6 narenxp


Posted 18 September 2012 - 01:04 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

Any current issues?



