
Malwarebytes access denied


26 replies to this topic

#1 R.Peter


Posted 22 September 2012 - 12:30 PM

Malwarebytes access denied on loading program. Redirect with Firefox on Google search.

Edited by hamluis, 22 September 2012 - 12:56 PM.
Moved from XP to Am I Infected - Hamluis.




#2 narenxp


Posted 22 September 2012 - 12:36 PM

Download

TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 R.Peter


Posted 22 September 2012 - 02:49 PM

How do I attach a file to my response post?

#4 R.Peter


Posted 22 September 2012 - 02:57 PM

13:44:23.0390 3820 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
13:44:23.0703 3820 ============================================================
13:44:23.0703 3820 Current date / time: 2012/09/22 13:44:23.0703
13:44:23.0703 3820 SystemInfo:
13:44:23.0703 3820
13:44:23.0703 3820 OS Version: 5.1.2600 ServicePack: 3.0
13:44:23.0703 3820 Product type: Workstation
13:44:23.0703 3820 ComputerName: 670WINXP
13:44:23.0703 3820 UserName: Wayne
13:44:23.0703 3820 Windows directory: C:\WINDOWS
13:44:23.0703 3820 System windows directory: C:\WINDOWS
13:44:23.0703 3820 Processor architecture: Intel x86
13:44:23.0703 3820 Number of processors: 4
13:44:23.0703 3820 Page size: 0x1000
13:44:23.0703 3820 Boot type: Normal boot
13:44:23.0703 3820 ============================================================
13:44:27.0296 3820 Drive \Device\Harddisk0\DR0 - Size: 0x87ACE3E00 (33.92 Gb), SectorSize: 0x200, Cylinders: 0x114B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
13:44:27.0296 3820 Drive \Device\Harddisk1\DR1 - Size: 0x87ACE3E00 (33.92 Gb), SectorSize: 0x200, Cylinders: 0x114B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
13:44:27.0312 3820 ============================================================
13:44:27.0312 3820 \Device\Harddisk0\DR0:
13:44:27.0312 3820 MBR partitions:
13:44:27.0312 3820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x43D334C
13:44:27.0312 3820 \Device\Harddisk1\DR1:
13:44:27.0328 3820 MBR partitions:
13:44:27.0328 3820 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x43CF48B
13:44:27.0328 3820 ============================================================
13:44:27.0343 3820 C: <-> \Device\Harddisk0\DR0\Partition1
13:44:27.0375 3820 D: <-> \Device\Harddisk1\DR1\Partition1
13:44:27.0375 3820 ============================================================
13:44:27.0375 3820 Initialize success
13:44:27.0375 3820 ============================================================
13:45:06.0750 0368 ============================================================
13:45:06.0750 0368 Scan started
13:45:06.0750 0368 Mode: Manual; TDLFS;
13:45:06.0750 0368 ============================================================
13:45:07.0312 0368 ================ Scan system memory ========================
13:45:08.0828 0368 System memory - ok
13:45:23.0968 0368 PSched - ok
13:45:23.0968 0368 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:45:24.0000 0368 Ptilink - ok
13:45:24.0015 0368 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:45:24.0015 0368 PxHelp20 - ok
13:45:24.0015 0368 ql1080 - ok
13:45:24.0031 0368 Ql10wnt - ok
13:45:24.0031 0368 ql12160 - ok
13:45:24.0046 0368 ql1240 - ok
13:45:24.0062 0368 ql1280 - ok
13:45:24.0078 0368 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:45:24.0078 0368 RasAcd - ok
13:45:24.0078 0368 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:45:24.0125 0368 RasAuto - ok
13:45:24.0140 0368 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:45:24.0171 0368 Rasl2tp - ok
13:45:24.0187 0368 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:45:24.0234 0368 RasMan - ok
13:45:24.0234 0368 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:45:24.0265 0368 RasPppoe - ok
13:45:24.0281 0368 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:45:24.0312 0368 Raspti - ok
13:45:24.0328 0368 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:45:24.0328 0368 Rdbss - ok
13:45:24.0328 0368 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:45:24.0343 0368 RDPCDD - ok
13:45:24.0375 0368 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:45:24.0375 0368 rdpdr - ok
13:45:24.0390 0368 [ 5B3055DAA788BD688594D2F5981F2A83 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:45:24.0406 0368 RDPWD - ok
13:45:24.0421 0368 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:45:24.0515 0368 RDSessMgr - ok
13:45:24.0531 0368 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:45:24.0578 0368 redbook - ok
13:45:24.0593 0368 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:45:24.0656 0368 RemoteAccess - ok
13:45:24.0671 0368 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:45:24.0703 0368 RemoteRegistry - ok
13:45:24.0718 0368 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
13:45:24.0765 0368 RpcLocator - ok
13:45:24.0796 0368 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:45:24.0796 0368 RpcSs - ok
13:45:24.0828 0368 [ 66A54BF20084400A7DD5E3B69E008799 ] RsFx0151 C:\WINDOWS\system32\DRIVERS\RsFx0151.sys
13:45:24.0843 0368 RsFx0151 - ok
13:45:24.0875 0368 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:45:24.0968 0368 RSVP - ok
13:45:24.0968 0368 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
13:45:24.0968 0368 SamSs - ok
13:45:24.0984 0368 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:45:25.0062 0368 SCardSvr - ok
13:45:25.0078 0368 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:45:25.0125 0368 Schedule - ok
13:45:25.0140 0368 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:45:25.0187 0368 Secdrv - ok
13:45:25.0203 0368 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:45:25.0234 0368 seclogon - ok
13:45:25.0265 0368 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
13:45:25.0375 0368 senfilt - ok
13:45:25.0390 0368 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
13:45:25.0421 0368 SENS - ok
13:45:25.0437 0368 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
13:45:25.0515 0368 serenum - ok
13:45:25.0531 0368 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
13:45:25.0625 0368 Serial - ok
13:45:25.0656 0368 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:45:25.0687 0368 Sfloppy - ok
13:45:25.0703 0368 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:45:25.0781 0368 SharedAccess - ok
13:45:25.0796 0368 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:45:25.0796 0368 ShellHWDetection - ok
13:45:25.0812 0368 Simbad - ok
13:45:25.0828 0368 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:45:25.0859 0368 SLIP - ok
13:45:25.0921 0368 [ 78C10C39FD37AD30DA47A3B44AFA3CD6 ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
13:45:25.0937 0368 SmcService - ok
13:45:25.0968 0368 [ 0066FF77AEB4AE70066F7E94D5A6D866 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
13:45:26.0000 0368 smwdm - ok
13:45:26.0031 0368 [ D1F0648103414146847DE8EEFCF86CFE ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
13:45:26.0062 0368 SNAC - ok
13:45:26.0078 0368 Sparrow - ok
13:45:26.0109 0368 [ D7BB213566E16BCA372E2CB517EDA907 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
13:45:26.0125 0368 SPBBCDrv - ok
13:45:26.0140 0368 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:45:26.0156 0368 splitter - ok
13:45:26.0187 0368 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:45:26.0218 0368 Spooler - ok
13:45:26.0265 0368 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
13:45:26.0312 0368 SQLBrowser - ok
13:45:26.0343 0368 [ 230C6AA1091190D2FDB40766CBD3DBBD ] SQLSERVERAGENT c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
13:45:26.0421 0368 SQLSERVERAGENT - ok
13:45:26.0437 0368 [ 8E6E5CFA06769A417B03FD6FAA29E010 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
13:45:26.0437 0368 SQLWriter - ok
13:45:26.0468 0368 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:45:26.0515 0368 sr - ok
13:45:26.0531 0368 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
13:45:26.0578 0368 srservice - ok
13:45:26.0593 0368 [ 4D61A5C45F82E02E73019CD4B31BA6E0 ] SRTSP C:\WINDOWS\system32\Drivers\SRTSP.SYS
13:45:26.0593 0368 SRTSP - ok
13:45:26.0609 0368 [ 932381C43C212901B38F30D6B1B54BF6 ] SRTSPL C:\WINDOWS\system32\Drivers\SRTSPL.SYS
13:45:26.0640 0368 SRTSPL - ok
13:45:26.0656 0368 [ 0FBDA1995A1389EE36E5C9335C4EA3EB ] SRTSPX C:\WINDOWS\system32\Drivers\SRTSPX.SYS
13:45:26.0656 0368 SRTSPX - ok
13:45:26.0687 0368 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:45:26.0718 0368 Srv - ok
13:45:26.0750 0368 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:45:26.0781 0368 SSDPSRV - ok
13:45:26.0812 0368 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:45:26.0875 0368 stisvc - ok
13:45:26.0890 0368 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:45:26.0953 0368 stllssvr - ok
13:45:26.0968 0368 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:45:27.0000 0368 streamip - ok
13:45:27.0015 0368 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:45:27.0046 0368 swenum - ok
13:45:27.0062 0368 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:45:27.0109 0368 swmidi - ok
13:45:27.0109 0368 SwPrv - ok
13:45:27.0187 0368 [ 6D76BDBDDF28A42A2B360CE4E7241602 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
13:45:27.0203 0368 Symantec AntiVirus - ok
13:45:27.0218 0368 symc810 - ok
13:45:27.0218 0368 symc8xx - ok
13:45:27.0234 0368 [ C5EAFB6A8C73FB26B73EE613C1A5AEF6 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
13:45:27.0250 0368 SymEvent - ok
13:45:27.0265 0368 [ BE3C117150C055E50A4CAF23E548C856 ] SYMREDRV C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
13:45:27.0265 0368 SYMREDRV - ok
13:45:27.0281 0368 [ 7B0AF4E22B32F8C5BFBA5A5D53522160 ] SYMTDI C:\WINDOWS\System32\Drivers\SYMTDI.SYS
13:45:27.0281 0368 SYMTDI - ok
13:45:27.0296 0368 sym_hi - ok
13:45:27.0296 0368 sym_u3 - ok
13:45:27.0312 0368 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:45:27.0359 0368 sysaudio - ok
13:45:27.0375 0368 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:45:27.0453 0368 SysmonLog - ok
13:45:27.0468 0368 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:45:27.0515 0368 TapiSrv - ok
13:45:27.0531 0368 [ 812AF6449F388331F5F3A952E551C84E ] tccp C:\WINDOWS\system32\DRIVERS\tccp.sys
13:45:27.0578 0368 tccp - ok
13:45:27.0593 0368 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:45:27.0640 0368 Tcpip - ok
13:45:27.0656 0368 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:45:27.0671 0368 TDPIPE - ok
13:45:27.0687 0368 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:45:27.0703 0368 TDTCP - ok
13:45:27.0718 0368 [ 0DC098CC18A974E7C1E96E6846BD06E4 ] Teefer2 C:\WINDOWS\system32\DRIVERS\teefer2.sys
13:45:27.0718 0368 Teefer2 - ok
13:45:27.0734 0368 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:45:27.0734 0368 TermDD - ok
13:45:27.0750 0368 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
13:45:27.0796 0368 TermService - ok
13:45:27.0812 0368 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
13:45:27.0812 0368 Themes - ok
13:45:27.0828 0368 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:45:27.0906 0368 TlntSvr - ok
13:45:27.0906 0368 TosIde - ok
13:45:27.0921 0368 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:45:27.0953 0368 TrkWks - ok
13:45:27.0968 0368 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:45:28.0031 0368 Udfs - ok
13:45:28.0046 0368 ultra - ok
13:45:28.0078 0368 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:45:28.0109 0368 Update - ok
13:45:28.0125 0368 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:45:28.0187 0368 upnphost - ok
13:45:28.0203 0368 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
13:45:28.0281 0368 UPS - ok
13:45:28.0312 0368 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
13:45:28.0359 0368 usbaudio - ok
13:45:28.0375 0368 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:45:28.0406 0368 usbccgp - ok
13:45:28.0421 0368 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:45:28.0453 0368 usbehci - ok
13:45:28.0468 0368 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:45:28.0515 0368 usbhub - ok
13:45:28.0546 0368 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:45:28.0578 0368 usbprint - ok
13:45:28.0593 0368 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:45:28.0640 0368 USBSTOR - ok
13:45:28.0656 0368 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:45:28.0687 0368 usbuhci - ok
13:45:28.0703 0368 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
13:45:28.0718 0368 usbvideo - ok
13:45:28.0734 0368 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:45:28.0765 0368 VgaSave - ok
13:45:28.0765 0368 ViaIde - ok
13:45:28.0781 0368 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:45:28.0828 0368 VolSnap - ok
13:45:28.0843 0368 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
13:45:28.0921 0368 VSS - ok
13:45:28.0937 0368 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
13:45:28.0968 0368 W32Time - ok
13:45:28.0984 0368 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:45:29.0015 0368 Wanarp - ok
13:45:29.0031 0368 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
13:45:29.0062 0368 WDC_SAM - ok
13:45:29.0093 0368 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
13:45:29.0109 0368 Wdf01000 - ok
13:45:29.0109 0368 WDICA - ok
13:45:29.0125 0368 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:45:29.0171 0368 wdmaud - ok
13:45:29.0187 0368 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:45:29.0218 0368 WebClient - ok
13:45:29.0265 0368 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:45:29.0312 0368 winmgmt - ok
13:45:29.0359 0368 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
13:45:29.0453 0368 WinRM - ok
13:45:29.0484 0368 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:45:29.0515 0368 WmdmPmSN - ok
13:45:29.0546 0368 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
13:45:29.0546 0368 Wmi - ok
13:45:29.0578 0368 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:45:29.0671 0368 WmiApSrv - ok
13:45:29.0718 0368 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:45:30.0046 0368 WMPNetworkSvc - ok
13:45:30.0093 0368 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:45:30.0171 0368 WPFFontCache_v0400 - ok
13:45:30.0187 0368 [ E52098E11A66288106D1FF4951C681E5 ] WPS C:\WINDOWS\system32\drivers\wpsdrvnt.sys
13:45:30.0203 0368 WPS - ok
13:45:30.0218 0368 [ FF983A25AE6F7D3F87F26BF51F02A201 ] WpsHelper C:\WINDOWS\system32\drivers\WpsHelper.sys
13:45:30.0218 0368 WpsHelper - ok
13:45:30.0234 0368 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:45:30.0281 0368 wscsvc - ok
13:45:30.0281 0368 WSearch - ok
13:45:30.0312 0368 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:45:30.0343 0368 WSTCODEC - ok
13:45:30.0375 0368 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:45:30.0390 0368 wuauserv - ok
13:45:30.0421 0368 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:45:30.0484 0368 WudfPf - ok
13:45:30.0500 0368 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:45:30.0578 0368 WudfRd - ok
13:45:30.0593 0368 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:45:30.0625 0368 WudfSvc - ok
13:45:30.0656 0368 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:45:30.0703 0368 WZCSVC - ok
13:45:30.0718 0368 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:45:30.0781 0368 xmlprov - ok
13:45:30.0796 0368 ================ Scan global ===============================
13:45:30.0812 0368 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
13:45:30.0875 0368 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:45:30.0937 0368 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:45:30.0953 0368 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
13:45:30.0953 0368 [Global] - ok
13:45:30.0953 0368 ================ Scan MBR ==================================
13:45:30.0968 0368 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
13:45:31.0171 0368 \Device\Harddisk0\DR0 - ok
13:45:31.0187 0368 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
13:45:31.0703 0368 \Device\Harddisk1\DR1 - ok
13:45:31.0703 0368 ================ Scan VBR ==================================
13:45:31.0718 0368 [ 50B456FA0C1C36A7A51852DF5D57A0C8 ] \Device\Harddisk0\DR0\Partition1
13:45:31.0718 0368 \Device\Harddisk0\DR0\Partition1 - ok
13:45:31.0718 0368 [ 9B2CA2422BC952647266FC3A33C5F083 ] \Device\Harddisk1\DR1\Partition1
13:45:31.0734 0368 \Device\Harddisk1\DR1\Partition1 - ok
13:45:31.0734 0368 ============================================================
13:45:31.0734 0368 Scan finished
13:45:31.0734 0368 ============================================================
13:45:31.0750 1472 Detected object count: 0
13:45:31.0750 1472 Actual detected object count: 0

ASW Report
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-22 13:50:47
-----------------------------
13:50:47.828 OS Version: Windows 5.1.2600 Service Pack 3
13:50:47.828 Number of processors: 4 586 0x403
13:50:47.828 ComputerName: 670WINXP UserName: Wayne
13:50:48.375 Initialize success
13:52:59.046 AVAST engine defs: 12092200
13:53:33.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\a320raid1Port1Path0Target0Lun0
13:53:33.031 Disk 0 Vendor: FUJITSU_ 5B08 Size: 34732MB BusType: 1
13:53:33.031 Disk 1 \Device\Harddisk1\DR1 -> \Device\Scsi\a320raid1Port1Path0Target1Lun0
13:53:33.046 Disk 1 Vendor: FUJITSU_ 5605 Size: 34732MB BusType: 1
13:53:33.046 Disk 0 MBR read successfully
13:53:33.046 Disk 0 MBR scan
13:53:33.078 Disk 0 Windows XP default MBR code
13:53:33.093 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 34726 MB offset 63
13:53:33.109 Disk 0 scanning sectors +71119755
13:53:33.156 Disk 0 scanning C:\WINDOWS\system32\drivers
13:54:01.906 Service scanning
13:54:26.406 Service MpKsl14593a66 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D39660D-9A0C-40AC-8451-1014F8D04F73}\MpKsl14593a66.sys **LOCKED** 32
13:54:44.734 Service Teefer2 C:\WINDOWS\system32\DRIVERS\teefer2.sys **LOCKED** 32
13:54:48.671 Service WPS C:\WINDOWS\system32\drivers\wpsdrvnt.sys **LOCKED** 32
13:54:48.781 Service WpsHelper C:\WINDOWS\system32\drivers\WpsHelper.sys **LOCKED** 32
13:54:50.109 Modules scanning
13:55:07.468 Disk 0 trace - called modules:
13:55:07.468 ntkrnlpa.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll a320raid.sys
13:55:07.484 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae11030]
13:55:07.484 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\Scsi\a320raid1Port1Path0Target0Lun0[0x8ae15a38]
13:55:07.734 AVAST engine scan C:\WINDOWS
13:55:17.203 AVAST engine scan C:\WINDOWS\system32
14:03:32.734 AVAST engine scan C:\WINDOWS\system32\drivers
14:04:07.984 AVAST engine scan C:\Documents and Settings\Wayne
14:28:31.140 AVAST engine scan C:\Documents and Settings\All Users
14:30:24.671 Scan finished successfully
14:32:53.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Wayne\Desktop\MBR.dat"
14:32:53.093 The log file has been saved successfully to "C:\Documents and Settings\Wayne\Desktop\aswMBR -Report.txt"


ESET scan: no report

#5 narenxp

Posted 22 September 2012 - 02:58 PM

Explain what issues you currently have.

Are your files hidden?

Can you boot into normal mode?

Did you run the ESET scan in safe mode or normal mode?

Edited by narenxp, 22 September 2012 - 03:18 PM.


#6 R.Peter

Posted 22 September 2012 - 03:45 PM

Redirect with Firefox on Google search
Malwarebytes "access denied" on installing/loading the Malwarebytes program
ESET scanned! No issues, no report

#7 narenxp

Posted 22 September 2012 - 03:50 PM

Are your files hidden?


?

#8 R.Peter

Posted 22 September 2012 - 04:39 PM

The only files I can say are hidden right now are my favorites in "Internet Explorer".

#9 narenxp

Posted 22 September 2012 - 04:45 PM

Boot into safe mode with networking and run this tool

http://www.bleepingcomputer.com/download/unhide/

This should unhide your files

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it, click on Delete

Post the generated log

#10 R.Peter

Posted 25 September 2012 - 03:04 AM

Hi,
I am sorry I have not responded back earlier. I have tried and executed all the steps you gave in the last post.

(1) The missing files have come back. Thanks

(2) However, MBam is having a real problem with "Spyware.Password"
Safe mode, with and without network, almost gets it
MBam then freezes up in standard mode after about a minute of scanning.

(3) MiniToolBox by Farbar Version: 23-07-2012
Ran by Wayne (administrator) on 24-09-2012 at 03:33:09
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Intel® PRO/1000 MTW Network Connection = Local Area Connection 2 (Connected)
1394 Net Adapter = 1394 Connection 3 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : 670winxp

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : launchmodem.com



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : launchmodem.com

Description . . . . . . . . . . . : Intel® PRO/1000 MTW Network Connection

Physical Address. . . . . . . . . : 00-13-72-7D-28-E6

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.102

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Monday, September 24, 2012 3:21:51 AM

Lease Expires . . . . . . . . . . : Tuesday, September 25, 2012 3:21:51 AM

Server: launchmodem
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.229.160, 74.125.229.161, 74.125.229.162, 74.125.229.163
74.125.229.164, 74.125.229.165, 74.125.229.166, 74.125.229.167, 74.125.229.168
74.125.229.169, 74.125.229.174



Pinging google.com [74.125.229.160] with 32 bytes of data:



Reply from 74.125.229.160: bytes=32 time=33ms TTL=51

Reply from 74.125.229.160: bytes=32 time=19ms TTL=51



Ping statistics for 74.125.229.160:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 19ms, Maximum = 33ms, Average = 26ms

Server: launchmodem
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=289ms TTL=46

Reply from 72.30.38.140: bytes=32 time=338ms TTL=46



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 289ms, Maximum = 338ms, Average = 313ms

Server: launchmodem
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 72 7d 28 e6 ...... Intel® PRO/1000 MTW Network Connection - Teefer2 Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.102 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.102 192.168.2.102 20
192.168.2.102 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.2.255 255.255.255.255 192.168.2.102 192.168.2.102 20
224.0.0.0 240.0.0.0 192.168.2.102 192.168.2.102 20
255.255.255.255 255.255.255.255 192.168.2.102 192.168.2.102 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/23/2012 08:41:34 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error: (09/23/2012 08:41:34 PM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x8007043c.

Error: (09/23/2012 08:41:33 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error: (09/23/2012 08:41:33 PM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x8007043c.

Error: (09/23/2012 08:10:36 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error: (09/23/2012 08:10:36 PM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x8007043c.

Error: (09/23/2012 08:10:35 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error: (09/23/2012 08:10:35 PM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x8007043c.

Error: (09/23/2012 11:00:05 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (09/22/2012 11:51:53 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MALWAREBYTES' ANTI-MALWARE\UNINSTALL MALWAREBYTES ANTI-MALWARE.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (09/24/2012 02:00:33 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (09/24/2012 02:00:27 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service MSIServer with arguments ""
in order to run the server:
{000C101C-0000-0000-C000-000000000046}

Error: (09/24/2012 02:00:26 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service MSIServer with arguments ""
in order to run the server:
{000C101C-0000-0000-C000-000000000046}

Error: (09/24/2012 01:57:39 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/24/2012 01:33:07 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
eeCtrl
Fips
IntelIde
intelppm
IPSec
MpFilter
MRxSmb
NetBIOS
NetBT
ohci1394
RasAcd
Rdbss
SPBBCDrv
SRTSP
SRTSPX
SYMTDI
Tcpip
WPS

Error: (09/24/2012 01:33:07 AM) (Source: Service Control Manager) (User: )
Description: The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Error: (09/24/2012 01:33:07 AM) (Source: Service Control Manager) (User: )
Description: The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31

Error: (09/24/2012 01:33:07 AM) (Source: Service Control Manager) (User: )
Description: The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31

Error: (09/24/2012 01:33:07 AM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:
%%31

Error: (09/24/2012 01:32:41 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (08/25/2012 00:39:39 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26796 seconds with 360 seconds of active time. This session ended with a crash.

Error: (06/06/2012 07:28:04 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56493 seconds with 480 seconds of active time. This session ended with a crash.

Error: (04/02/2012 08:58:09 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 137303 seconds with 360 seconds of active time. This session ended with a crash.

Error: (03/31/2012 06:35:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 112390 seconds with 1980 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Adobe AIR (Version: 2.7.0.19530)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Drive CS4 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Fonts All (Version: 2.0)
Adobe FrameMaker v8 (Version: 8)
Adobe InDesign CS4 (Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0)
Adobe InDesign CS4 Common Base Files (Version: 6.0)
Adobe InDesign CS4 Icon Handler (Version: 6.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe SGM CS4 (Version: 3.0)
Adobe Shockwave Player 11.6 (Version: 11.6.0.626)
Adobe SING CS4 (Version: 2.0)
Adobe SVG Viewer 3.0 (Version: 3.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.14.1.0)
Ask Toolbar Updater (Version: 1.2.0.20007)
Combined Community Codec Pack 2008-09-21 16:18 (Version: 2008.09.21.0)
Connect (Version: 1.0.0.1)
CoreAVC Professional Edition (remove only)
CPUID CPU-Z 1.60
Creative Audio Console (Version: 1.32)
Creative Software AutoUpdate (Version: 1.40)
ESET Online Scanner v3
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
Haali Media Splitter
hp deskjet 5550 series (Remove only)
Image Plugin (Version: 3.04.0226)
Intel® PRO Network Connections Drivers
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Junk Mail filter update (Version: 14.0.8117.416)
kuler (Version: 2.0)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.83)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Mathematics (Version: 4.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Policies (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.51.2500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.51.2500.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (Version: 3.5.8080.0)
Microsoft SQL Server VSS Writer (Version: 10.51.2500.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC80 Support DLLs (Version: 1.0.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 14.0.1468.721)
NVIDIA Control Panel 275.89 (Version: 275.89)
NVIDIA Drivers
NVIDIA Graphics Driver 275.89 (Version: 275.89)
NVIDIA Install Application (Version: 2.275.82.0)
NVIDIA nView 135.85 (Version: 135.85)
NVIDIA nView Desktop Manager (Version: 6.14.10.13585)
NVIDIA Performance Drivers (Version: 1.0.0.1)
NVIDIA WMI 275.89 (Version: 275.89)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PC TuneUp Maestro (Version: 2.10.3.114)
PDF Settings CS4 (Version: 9.0)
PerfectDisk 12.5 Professional (Version: 12.05.311)
Photoshop Camera Raw (Version: 5.0)
PowerDVD (Version: 8.1)
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealUpgrade 1.1 (Version: 1.1.0)
Rhinoceros 4.0 (Version: 4.0.20118)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Express Labeler 3 (Version: 3.2.1)
Segoe UI (Version: 14.0.4327.805)
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (Version: 10.51.2500.0)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
SoundMAX (Version: 5.12.01.7000)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Management Studio (Version: 10.51.2500.0)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
Suite Shared Configuration CS4 (Version: 1.0)
Super Flexible File Synchronizer v4.95 (Version: 4.95)
swMSM (Version: 12.0.0.1)
Symantec Endpoint Protection Client (Version: 12.0.122.192)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 3070.07 MB
Available physical RAM: 2093.28 MB
Total Pagefile: 5979.3 MB
Available Pagefile: 5173.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.41 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:33.91 GB) (Free:7.27 GB) NTFS
3 Drive d: () (Fixed) (Total:33.9 GB) (Free:17.08 GB) NTFS

========================= Users: ========================================

User accounts for \\670WINXP

Administrator ASPNET Guest
HelpAssistant SUPPORT_388945a0 Wayne


**** End of log ****

Farbar Service Scanner Version: 19-09-2012
Ran by Wayne (administrator) on 24-09-2012 at 03:45:47
Running from "C:\Documents and Settings\Wayne\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4) WPS(9)
0x09000000050000000100000002000000030000000400000008000000090000000600000007000000
IpSec Tag value is correct.

**** End of log ****

# AdwCleaner v2.003 - Logfile created 09/24/2012 at 03:51:49
# Updated 23/09/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Wayne - 670WINXP
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Wayne\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\p8qmq2n6.default\extensions\toolbar@ask.com
Folder Deleted : C:\Documents and Settings\Wayne\Local Settings\Application Data\APN
Folder Deleted : C:\Documents and Settings\Wayne\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\p8qmq2n6.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [4148 octets] - [24/09/2012 03:51:49]

########## EOF - C:\AdwCleaner[S2].txt - [4208 octets] ##########

Thanks,
R.Peter

#11 narenxp


Posted 25 September 2012 - 06:56 AM

Can you post the MBAM log in Safe Mode with Networking?

Download

Junkware removal tool

Launch it and the scan should start running. After the scan completes, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

Edited by narenxp, 25 September 2012 - 06:56 AM.


#12 R.Peter


Posted 25 September 2012 - 11:34 AM

Hi,

Global Mutex not properly initiated Symantec update error code 2761 (when trying to update this morning)

XP security update Windows XP KB 396 will not install

Windows Installer hangs up






Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.23.08

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Wayne :: 670WINXP [administrator]

9/25/2012 10:54:35 AM
mbam-log-2012-09-25 (10-54-35).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 316319
Time elapsed: 20 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES\SYMANTEC\SYMANTEC ENDPOINT PROTECTION\XDELTA\XDELTA3.EXE (Spyware.Password) -> Data: 1 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Program Files\Symantec\Symantec Endpoint Protection\XDelta\xdelta3.exe (Spyware.Password) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{57A7B785-5B2D-4768-A733-B3F318651C30}\RP505\A0080914.exe (Spyware.Password) -> Quarantined and deleted successfully.

(end)






Junkware Removal Tool (JRT) by Thisisu
Version: 1.0.7 (09.24.2012)
OS: Microsoft Windows XP x86
Ran by Wayne on Tue 09/25/2012 at 12:04:44.84
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired:

Trojan:Win32/Tracur.AV Detected!
Successfully deleted: jmjlfsccsx@jmjlfsccsx.org.xpi
The below lines were deleted from [FF prefs.js]

=============================

=============================



*** Event Viewer Logs - NOT cleared





**************************************************************
Scan was completed on Tue 09/25/2012 at 12:04:45.89
End of Report



Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/25/2012 12:16:33 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\CTHELPER.EXE (PID: 2484) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

* SMTMP folder detected. Please see this link for more information: http://www.bleepingcomputer.com/forums/topic405109.html

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com

Program finished at: 09/25/2012 12:17:25 PM
Execution time: 0 hours(s), 0 minute(s), and 51 seconds(s)


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "AdobeCS4ServiceManager" "Adobe CS4 Service Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ccApp" "Symantec User Session" "Symantec Corporation" "c:\program files\common files\symantec shared\ccapp.exe"
+ "CTHelper" "CtHelper Application" "Creative Technology Ltd" "c:\windows\system32\cthelper.exe"
+ "ExtremeSync Background Scheduler" "" "Super Flexible Software Ltd. & Co. KG" "c:\program files\superflexible\extremesyncservice.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovemonitor.exe"
+ "HPDJ Taskbar Utility" "" "HP" "c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe"
+ "LifeCam" "LifeExp.exe" "Microsoft Corporation" "c:\program files\microsoft lifecam\lifeexp.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "nwiz" "NVIDIA nView Wizard, Version 111.76 " "NVIDIA Corporation" "c:\windows\system32\nwiz.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SoundMAXPnP" "SMax4PNP MFC Application" "Analog Devices, Inc." "c:\program files\analog devices\core\smax4pnp.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APN" "" "" "File not found: C:\Documents and Settings\Wayne\Local Settings\Application Data\Apple\APN\lxexf.dll"
+ "ISUSPM" "Macrovision Software Manager" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "MSMSGS" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "grooveLocalGWS" "GrooveSystemServices Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovesystemservices.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Windows Desktop Search Namespace Manager" "Windows Search Namespace Manager" "Microsoft Corporation" "c:\program files\windows desktop search\msnlnamespacemgr.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "LDVPMenu" "Symantec AntiVirus" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\vpshell2.dll"
+ "RhinoShExt" "Rhino 3DM File Extension" "Robert McNeel & Associates" "c:\program files\rhinoceros 4.0\system\rhinoshext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "00nView" "NVIDIA Desktop Explorer, Version 111.76 " "NVIDIA Corporation" "c:\windows\system32\nvshell.dll"
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "LDVPMenu" "Symantec AntiVirus" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\vpshell2.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office12\onbttnie.dll"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "Microsoft Antimalware Scheduled Scan.job" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "PC TuneUp Maestro Scan.job" "PC TuneUp Maestro" "CompuClever Systems Inc" "c:\program files\compuclever\pc tuneup maestro\pctum.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "ccEvtMgr" "Event propagation and logging service" "Symantec Corporation" "c:\program files\common files\symantec shared\ccsvchst.exe"
+ "ccSetMgr" "Settings storage and management service" "Symantec Corporation" "c:\program files\common files\symantec shared\ccsvchst.exe"
+ "Creative Audio Engine Licensing Service" "Provides licensing services for Creative Audio Engine." "Creative Labs" "c:\program files\common files\creative labs shared\service\ctaelicensing.exe"
+ "CTAudSvcService" "Creative Audio Service" "Creative Technology Ltd" "c:\program files\creative\shared files\ctaudsvc.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "LiveUpdate" "LiveUpdate Core Engine" "Symantec Corporation" "c:\program files\symantec\liveupdate\lucomserver_3_3.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveauditservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MSCamSvc" "MsCamSvc.exe" "Microsoft Corporation" "c:\program files\microsoft lifecam\mscams32.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MSSQLSERVER" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10_50.mssqlserver\mssql\binn\sqlservr.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvsvc32.exe"
+ "NVWMI" "" "" "c:\windows\system32\nvwmi.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "PDAgent" "This service controls PerfectDisk's scheduling and remote communication." "Raxco Software, Inc." "c:\program files\raxco\perfectdisk\pdagent.exe"
+ "PDEngine" "PerfectDisk's defrag engine" "Raxco Software, Inc." "c:\program files\common files\raxco\shared\pdengine.exe"
+ "SmcService" "Provides communication with the Symantec Protection Center. It also provides network threat protection for the client." "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\smc.exe"
+ "SNAC" "Checks that the computer complies with the defined security policy and communicates with the Symantec Enforcers to allow your computer to access the corporate network." "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\snac.exe"
+ "SQLBrowser" "Provides SQL Server connection information to client computers." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlbrowser.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "Symantec AntiVirus" "Provides virus-scanning for Symantec Endpoint Protection." "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\rtvscan.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "a320raid" "Adaptec hostRAID for Ultra320 SCSI" "Adaptec, Inc." "c:\windows\system32\drivers\a320raid.sys"
+ "aarich" "Adaptec HostRAID for Serial ATA" "Adaptec, Inc." "c:\windows\system32\drivers\aarich.sys"
+ "adfs" "Adobe Drive File System Driver" "Adobe Systems, Inc." "c:\windows\system32\drivers\adfs.sys"
+ "cerc6" "" "" "File not found: C:\WINDOWS\System32\Drivers\cerc6.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "COH_Mon" "Confidence Online v6.1 WDM driver (6,1,4,10)" "Symantec Corporation" "c:\windows\system32\drivers\coh_mon.sys"
+ "COMMONFX" "Creative Common FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\commonfx.sys"
+ "COMMONFX.SYS" "Creative Common FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\commonfx.sys"
+ "cpuz135" "CPUID Driver" "CPUID" "c:\windows\system32\drivers\cpuz135_x32.sys"
+ "ctac32k" "Creative AC3 SW Decoder Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctac32k.sys"
+ "ctaud2k" "Creative WDM Audio Device Driver" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaud2k.sys"
+ "CTAUDFX" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaudfx.sys"
+ "CTAUDFX.SYS" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaudfx.sys"
+ "ctdvda2k" "Creative DVD-Audio Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctdvda2k.sys"
+ "CTERFXFX" "E-MU E-DSP Effects Plugin Module" "Creative Technology Ltd" "c:\windows\system32\drivers\cterfxfx.sys"
+ "CTERFXFX.SYS" "E-MU E-DSP Effects Plugin Module" "Creative Technology Ltd" "c:\windows\system32\drivers\cterfxfx.sys"
+ "ctprxy2k" "Creative Proxy Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctprxy2k.sys"
+ "CTSBLFX" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsblfx.sys"
+ "CTSBLFX.SYS" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsblfx.sys"
+ "ctsfm2k" "SoundFont® Manager (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsfm2k.sys"
+ "DefragFS" "Defragmentation Support Driver" "Raxco Software, Inc." "c:\windows\system32\drivers\defragfs.sys"
+ "DLABMFSM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\drivers\dlabmfsm.sys"
+ "DLABOIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\drivers\dlaboiom.sys"
+ "DLACDBHM" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlacdbhm.sys"
+ "DLADResM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\drivers\dladresm.sys"
+ "DLAIFS_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\drivers\dlaifs_m.sys"
+ "DLAOPIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\drivers\dlaopiom.sys"
+ "DLAPoolM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\drivers\dlapoolm.sys"
+ "DLARTL_M" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlartl_m.sys"
+ "DLAUDF_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\drivers\dlaudf_m.sys"
+ "DLAUDFAM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\drivers\dlaudfam.sys"
+ "DRVMCDB" "Device Driver" "Sonic Solutions" "c:\windows\system32\drivers\drvmcdb.sys"
+ "DRVNDDM" "Device Driver Manager" "Roxio" "c:\windows\system32\drivers\drvnddm.sys"
+ "E1000" "Intel® PRO/1000 Adapter NDIS 5.1 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1000325.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "emupia" "E-mu Plug-in Architecture Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\emupia2k.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "ha10kx2k" "Creative EMU10KX HAL (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ha10kx2k.sys"
+ "hap16v2k" "Creative EMU10KX-P16v HAL (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\hap16v2k.sys"
+ "hap17v2k" "Creative EMU10KX-P17v HAL (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\hap17v2k.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "MpKsl0a66aee9" "" "" "File not found: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A6EB8C3-56B0-416B-B0F3-51E739208FDD}\MpKsl0a66aee9.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\program files\common files\symantec shared\virusdefs\20120924.017\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\program files\common files\symantec shared\virusdefs\20120924.017\navex15.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.96 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "ossrv" "Creative OS Services Driver (WDM)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctoss2k.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDFSFilter" "PerfectDisk File System Minifilter Driver" "Raxco Software, Inc." "c:\windows\system32\drivers\pdfsfilter.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "PORTIO" "" "" "File not found: G:\JungleFlasher v0.1.75 Beta (152)\portio32.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "senfilt" "Creative WDM Audio Driver" "Creative Technology Ltd." "c:\windows\system32\drivers\senfilt.sys"
+ "smwdm" "SoundMAX Integrated Digital Audio " "Analog Devices, Inc." "c:\windows\system32\drivers\smwdm.sys"
+ "SPBBCDrv" "SPBBC Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\srtsp.sys"
+ "SRTSPL" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\srtspl.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\srtspx.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SYMREDRV" "Redirector Filter Driver" "Symantec Corporation" "c:\windows\system32\drivers\symredrv.sys"
+ "SYMTDI" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\symtdi.sys"
+ "tccp" "TrusCont Content Copy Protection" "TrusCont Ltd" "c:\windows\system32\drivers\tccp.sys"
+ "Teefer2" "Symantec CMC Firewall Teefer2" "Symantec Corporation" "c:\windows\system32\drivers\teefer2.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "WPS" "Symantec CMC Firewall WPS" "Symantec Corporation" "c:\windows\system32\drivers\wpsdrvnt.sys"
+ "WpsHelper" "Symantec Intrusion Detection - WpsHelper" "Symantec Corporation" "c:\windows\system32\drivers\wpshelper.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.ffds" "" "" "c:\program files\combined community codec pack\filters\ffdshow\ff_vfw.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "CoreAVC Video Decoder" "CoreAVC DirectShow Video Decoder" "CoreCodec" "c:\program files\corecodec\coreavc professional edition\coreavcdecoder.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\haali\matroskasplitter\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "madFlac Decoder" "" "" "File not found: G:\Software\madFlac\madFlac.ax"
+ "madFlac Source" "" "" "File not found: G:\Software\madFlac\madFlac.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"
+ "MPC - MPEG-2 Video Decoder (Gabest)" "MPEG-2 Decoder Filter for DirectShow" "Gabest" "c:\program files\combined community codec pack\filters\mpeg2decfilter.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic Cinemaster® Audio Decoder 4.2" "SonicHDAudio" "Sonic Solutions" "c:\program files\common files\sonic shared\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.1" "CinemasterVideo" "Sonic Solutions" "c:\program files\common files\sonic shared\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files\common files\sonic shared\sonichddemuxer.dll"
+ "Sonic HD Nav" "SonicHDNav" "" "c:\program files\common files\sonic shared\sonichdnav.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\combined community codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\combined community codec pack\filters\wavpackdssplitter.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "PDBoot.exe" "PerfectDisk Boot Time Defragmentation" "Raxco Software, Inc." "c:\windows\system32\pdboot.exe"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "hpzlnt07" "" "HP" "c:\windows\system32\hpzlnt07.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "AdobeDriveCS4_NP" "Adobe Drive CS4 Network" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adobedrivecs4_np.dll"
+ "SnacNp" "Symantec SNAC Network Provider" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\snacnp.dll"

#13 narenxp

Posted 25 September 2012 - 01:13 PM

Launch Autoruns and uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APN" "" "" "File not found: C:\Documents and Settings\Wayne\Local Settings\Application Data\Apple\APN\lxexf.dll"

Reinstall Symantec and see if the error reoccurs.

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Check mark only the following options:

Reset Registry Permissions
Reset File Permissions
Remove Policies Set By Infections
Repair Winsock & DNS Cache

Checkmark the Restart System When Finished option
Click the Start button

The system should restart after the repair

Let me know how the system behaves
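The manual review in the post above, picking the HKCU Run entry with a missing target out of the Autoruns export, can be scripted. This is an added example, not part of the thread; it assumes the text layout seen in the log on this page (four quoted fields per line, `+` before each entry), and the triage reasons and their ranking are this example's own heuristics.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

FIELD_RE = re.compile(r'"([^"]*)"')
MISSING_PREFIX = "File not found:"

# Sample input: a few lines taken from the log posted in this thread.
SAMPLE_LOG = r'''
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APN" "" "" "File not found: C:\Documents and Settings\Wayne\Local Settings\Application Data\Apple\APN\lxexf.dll"
+ "MSMSGS" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "cerc6" "" "" "File not found: C:\WINDOWS\System32\Drivers\cerc6.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
'''


@dataclass
class Entry:
    location: Optional[str]   # autostart location the entry is registered under
    name: str
    description: str
    publisher: str
    image_path: str           # target path, with any "File not found:" prefix removed
    missing: bool             # True when the export reported the target as not found


def parse_autoruns(text: str) -> List[Entry]:
    """Parse the four-field text export into entries grouped by location."""
    entries: List[Entry] = []
    location: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD_RE.findall(line)
        if len(fields) != 4:
            continue  # blank line or a record this simple parser does not understand
        if line.startswith('"'):
            # Header line: the location followed by three empty fields.
            if fields[1:] == ["", "", ""]:
                location = fields[0]
            continue
        name, description, publisher, image = fields
        missing = image.startswith(MISSING_PREFIX)
        path = image[len(MISSING_PREFIX):].strip() if missing else image
        entries.append(Entry(location, name, description, publisher, path, missing))
    return entries


def triage(entry: Entry) -> List[str]:
    """Return the reasons (heuristics chosen for this example) to look at an entry."""
    reasons = []
    loc = (entry.location or "").lower()
    path = entry.image_path.lower()
    if entry.missing:
        reasons.append("target file missing")
    if not entry.publisher:
        reasons.append("no publisher string")
    if loc.startswith("hkcu\\") and loc.endswith("\\run"):
        reasons.append("per-user Run key")
    if "\\documents and settings\\" in path:
        reasons.append("image under a user profile")
    return reasons


def rank(text: str) -> List[Tuple[Entry, List[str]]]:
    """Entries with at least one reason, most reasons first (ties keep log order)."""
    scored = [(e, triage(e)) for e in parse_autoruns(text)]
    scored = [(e, r) for e, r in scored if r]
    return sorted(scored, key=lambda pair: len(pair[1]), reverse=True)


if __name__ == "__main__":
    for entry, reasons in rank(SAMPLE_LOG):
        print(f"{len(reasons)}  {entry.name:<8} [{entry.location}]")
        print(f"   {entry.image_path}")
        print(f"   {', '.join(reasons)}")
```

On the sample lines the APN entry ranks first with all four reasons, while a missing driver such as cerc6 scores lower because it is neither per-user nor under a profile path.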

#14 R.Peter

Posted 25 September 2012 - 02:56 PM

What action should I take after I " uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APN" "" "" "File not found: C:\Documents and Settings\Wayne\Local Settings\Application Data\Apple\APN\lxexf.dll""

Save???

#15 narenxp

Posted 25 September 2012 - 03:36 PM

Just close the Autoruns :)



