Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

infected with gdown adware


  • Please log in to reply
32 replies to this topic

#1 Dragonlady24

Dragonlady24

  • Members
  • 703 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Fox Lake,WI
  • Local time:12:28 PM

Posted 25 September 2012 - 04:10 PM

i am using windows xp on dell dimension desktop. i am writing this from google chrome. this is the only browser i use anymore as it is the safest and fastest browser yet.
the issues i have been having lately is a really slow computer and chrome as well as any other program i am using will freeze up a lot. this has been going on since i have gotten this computer which was about 2 months ago. i really noticed the speed difference within the last month. everything just seems to take longer to load.
i downloaded malwarebytes today and decided to do a scan to see if my computer had any viruses or adware problems. after the scan was finished it had found Gdown adware and myway web search. i have also done a scan with ESET and they found the file Adware.Agent.LCKGTSG. these seem to be all from an old restore point. no other issues have happened since the scan and removal of these.

here is the log from mabam.

alwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.25.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
jody :: D9HB5S61 [administrator]

Protection: Enabled

9/25/2012 1:32:09 PM
mbam-log-2012-09-25 (13-32-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 206273
Time elapsed: 10 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 8
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{E856B973-45FD-4559-8F82-EAB539144667} (Adware.Gdown) -> Quarantined and deleted successfully.
HKCR\TypeLib\{DF058C45-CD18-453e-8745-5A77F60722AB} (Adware.Gdown) -> Quarantined and deleted successfully.
HKCR\Interface\{B5A33C35-7298-4D15-8753-A2E851E2EAB3} (Adware.Gdown) -> Quarantined and deleted successfully.
HKCR\GTDOWNDE.GTAutoFixDLCtrl.1 (Adware.Gdown) -> Quarantined and deleted successfully.
HKCR\GTDOWNDE.GTAutoFixDLCtrl (Adware.Gdown) -> Quarantined and deleted successfully.
HKCR\MyWaySearchAssistantDE.Auxiliary (Adware.MyWaySearch) -> Quarantined and deleted successfully.
HKCR\MyWaySearchAssistantDE.Auxiliary.1 (Adware.MyWaySearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Program Files\MyWaySA\SrchAsDe\1.bin (PUP.MyWebSearch) -> No action taken.
C:\Program Files\MyWaySA (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Files Detected: 1
C:\WINDOWS\SYSTEM32\GTDownDE_87.ocx (Adware.Gdown) -> Quarantined and deleted successfully.

(end)

BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:28 PM

Posted 25 September 2012 - 04:30 PM

Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE


Post the log here.



Then run a scan with eset remove all that it finds reboot your machine and if the issue persist see below.
http://www.eset.com/us/online-scanner/

When the scan finish list found threats save to clipboard post to notepad Post the log here.



Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right Click it Run as Admin . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results

#3 Dragonlady24

Dragonlady24
  • Topic Starter

  • Members
  • 703 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Fox Lake,WI
  • Local time:12:28 PM

Posted 25 September 2012 - 05:11 PM

i already did a scan with eset. so ill do the other 3

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:28 PM

Posted 25 September 2012 - 05:21 PM

i already did a scan with eset. so ill do the other 3



:thumbup2:

#5 Dragonlady24

Dragonlady24
  • Topic Starter

  • Members
  • 703 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Fox Lake,WI
  • Local time:12:28 PM

Posted 25 September 2012 - 06:09 PM

tracking cookies. nothing to really worry about except for the privacy issue.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/25/2012 at 05:43 PM

Application Version : 5.5.1022

Core Rules Database Version : 9292
Trace Rules Database Version: 7104

Scan type : Quick Scan
Total Scan Time : 00:13:41

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 514
Memory threats detected : 0
Registry items scanned : 28696
Registry threats detected : 0
File items scanned : 7230
File threats detected : 153

Adware.Tracking Cookie
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Documents and Settings\jody\Cookies\jody@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Documents and Settings\jody\Cookies\jody@doubleclick[1].txt [ /doubleclick ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Documents and Settings\jody\Cookies\jody@server.cpmstar[1].txt [ /server.cpmstar ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kanoodle.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediaservices-d.openxenterprise.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.game-advertising-online.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
supremeadserver.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.warnerbros.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eset.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kaspersky.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\JODY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Documents and Settings\jody\Cookies\CPBHY6TM.txt [ /media6degrees.com ]
C:\Documents and Settings\jody\Cookies\FRHKP8ZM.txt [ /www.windowsmedia.com ]
C:\Documents and Settings\jody\Cookies\TZOOZB6C.txt [ /statcounter.com ]
C:\Documents and Settings\jody\Cookies\QRRCPIQE.txt [ /invitemedia.com ]
C:\Documents and Settings\jody\Cookies\YN4QVYLT.txt [ /amazon-adsystem.com ]

Farbar Service Scanner Version: 19-09-2012
Ran by jody (administrator) on 25-09-2012 at 18:11:08
Running from "C:\Documents and Settings\jody\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(8) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

Edited by Dragonlady24, 25 September 2012 - 06:12 PM.


#6 Dragonlady24

Dragonlady24
  • Topic Starter

  • Members
  • 703 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Fox Lake,WI
  • Local time:12:28 PM

Posted 25 September 2012 - 06:15 PM

the sites in host file are ones i put in to have blocked.

MiniToolBox by Farbar Version: 23-07-2012
Ran by jody (administrator) on 25-09-2012 at 18:13:18
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================


127.0.0.1 localhost
127.0.0.1 www.freeonlinegamesmonkey.com
127.0.0.1 www.zuhu.com
127.0.0.1 www.bearshare.com
127.0.0.1 www.searchmp3.com

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : D9HB5S61

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-11-11-BF-DE-F1

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Tuesday, September 25, 2012 1:58:06 PM

Lease Expires . . . . . . . . . . : Wednesday, September 26, 2012 1:58:06 PM

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.225.129, 74.125.225.128, 74.125.225.133, 74.125.225.136
74.125.225.142, 74.125.225.137, 74.125.225.135, 74.125.225.131, 74.125.225.132
74.125.225.130, 74.125.225.134



Pinging google.com [74.125.225.67] with 32 bytes of data:



Reply from 74.125.225.67: bytes=32 time=37ms TTL=53

Reply from 74.125.225.67: bytes=32 time=27ms TTL=51



Ping statistics for 74.125.225.67:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 27ms, Maximum = 37ms, Average = 32ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=49ms TTL=50

Reply from 98.138.253.109: bytes=32 time=43ms TTL=50



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 43ms, Maximum = 49ms, Average = 46ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 11 bf de f1 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/25/2012 01:32:18 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.62.0.140, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/25/2012 01:32:08 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.62.0.140, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/25/2012 01:31:20 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam-setup-1.65.0.1400.tmp, version 51.52.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/22/2012 01:58:20 PM) (Source: Application Hang) (User: )
Description: Hanging application chrome.exe, version 21.0.1180.89, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/22/2012 01:58:19 PM) (Source: Application Hang) (User: )
Description: Hanging application chrome.exe, version 21.0.1180.89, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/21/2012 10:40:55 PM) (Source: Application Hang) (User: )
Description: Hanging application chrome.exe, version 21.0.1180.89, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/21/2012 05:09:28 PM) (Source: Application Hang) (User: )
Description: Hanging application chrome.exe, version 21.0.1180.89, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/21/2012 03:32:42 PM) (Source: Application Hang) (User: )
Description: Hanging application chrome.exe, version 21.0.1180.89, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/13/2012 11:55:39 AM) (Source: Application Hang) (User: )
Description: Hanging application chrome.exe, version 21.0.1180.89, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/13/2012 11:55:39 AM) (Source: Application Hang) (User: )
Description: Hanging application chrome.exe, version 21.0.1180.89, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (09/25/2012 01:56:03 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
abp480n5
adpu160m
agp440
agpCPQ
Aha154x
aic78u2
aic78xx
AliIde
alim1541
amdagp
amsint
asc
asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error: (09/25/2012 01:55:57 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (09/23/2012 07:48:47 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/23/2012 07:46:36 PM) (Source: DCOM) (User: D9HB5S61)
Description: DCOM got error "%%1084" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (09/23/2012 07:46:35 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aavmker4
AFD
AswRdr
aswSnx
aswSP
aswTdi
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip

Error: (09/23/2012 07:46:35 PM) (Source: Service Control Manager) (User: )
Description: The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Error: (09/23/2012 07:46:35 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31

Error: (09/23/2012 07:46:35 PM) (Source: Service Control Manager) (User: )
Description: The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31

Error: (09/23/2012 07:46:35 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:
%%31

Error: (09/23/2012 07:45:33 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (09/25/2012 01:32:18 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.140hungapp0.0.0.000000000

Error: (09/25/2012 01:32:08 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.140hungapp0.0.0.000000000

Error: (09/25/2012 01:31:20 PM) (Source: Application Hang)(User: )
Description: mbam-setup-1.65.0.1400.tmp51.52.0.0hungapp0.0.0.000000000

Error: (09/22/2012 01:58:20 PM) (Source: Application Hang)(User: )
Description: chrome.exe21.0.1180.89hungapp0.0.0.000000000

Error: (09/22/2012 01:58:19 PM) (Source: Application Hang)(User: )
Description: chrome.exe21.0.1180.89hungapp0.0.0.000000000

Error: (09/21/2012 10:40:55 PM) (Source: Application Hang)(User: )
Description: chrome.exe21.0.1180.89hungapp0.0.0.000000000

Error: (09/21/2012 05:09:28 PM) (Source: Application Hang)(User: )
Description: chrome.exe21.0.1180.89hungapp0.0.0.000000000

Error: (09/21/2012 03:32:42 PM) (Source: Application Hang)(User: )
Description: chrome.exe21.0.1180.89hungapp0.0.0.000000000

Error: (09/13/2012 11:55:39 AM) (Source: Application Hang)(User: )
Description: chrome.exe21.0.1180.89hungapp0.0.0.000000000

Error: (09/13/2012 11:55:39 AM) (Source: Application Hang)(User: )
Description: chrome.exe21.0.1180.89hungapp0.0.0.000000000


=========================== Installed Programs ============================

ABBYY FineReader 5.0 Sprint Plus (Version: 5.0.0.3262)
Adobe Acrobat - Reader 6.0.2 Update (Version: 6.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader 6.0.1 (Version: 006.000.001)
Ask Toolbar (Version: 1.17.0.0)
avast! Free Antivirus (Version: 7.0.1466.0)
Conexant D850 56K V.9x DFVc Modem
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Media Experience
Dell Picture Studio v3.0 (Version: 3.0.0)
Dell Support 5.0.0 (630)
Digital Line Detect (Version: 1.10)
EarthLink setup files (Version: 2005.1.47.0)
ESET Online Scanner v3
G10A942EN (Version: 1.0.0.0)
Google Chrome (Version: 21.0.1180.89)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
H&R Block Tax Offer (Version: 1.00.0000)
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Internet Explorer Default Page (Version: 1.00.03)
Jasc Paint Shop Photo Album 5 (Version: 5.1.0)
Jasc Paint Shop Pro Studio, Dell Editon (Version: 1.00.0000)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Download Manager (Version: 1.2.1)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Modem Helper (Version: 2.25)
MP3 Rocket
MP3 Rocket Toolbar Updater (Version: 1.4.0.25589)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Musicmatch® Jukebox (Version: 9.00.2028)
My Way Search Assistant
My Way Search Assistant (Version: 1.0.256)
NetWaiting (Version: 2.5.12)
NetZeroInstallers (Version: 1.0.0)
PowerDVD 5.3
Qualxserve Service Agreement (Version: 1.10.0000)
QuickTime
RealPlayer Basic
SMCWUSB-G 802.11g Wireless USB 2.0 Adapter (Version: 2.0.0.00)
Sonic DLA (Version: 4.95)
Sonic RecordNow! Plus (Version: 7.3)
Sonic Update Manager (Version: 2.9)
SpywareBlaster 4.6 (Version: 4.6.0)
SUPERAntiSpyware (Version: 5.5.1022)
Unity Web Player (Version: )
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Viewpoint Media Player
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WordPerfect Office 12 (Version: 12.0.0.238)

========================= Devices: ================================


**** End of log ****

#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:28 PM

Posted 25 September 2012 - 06:15 PM

As soon as we get the tdss minitool box and adware we will continue. :thumbup2:

#8 Dragonlady24

Dragonlady24
  • Topic Starter

  • Members
  • 703 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Fox Lake,WI
  • Local time:12:28 PM

Posted 25 September 2012 - 06:38 PM

As soon as we get the tdss minitool box and adware we will continue. :thumbup2:


the adware is below and the minitool is above. just need tdss. new problem. with this computer being really old all the stuff you had me download is making chrome and my computer slow.
# AdwCleaner v2.003 - Logfile created 09/25/2012 at 18:21:37
# Updated 23/09/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : jody - D9HB5S61
# Boot Mode : Normal
# Running from : C:\Documents and Settings\jody\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\DOCUME~1\jody\LOCALS~1\Temp\AskSearch
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\jody\Local Settings\Application Data\APN
Folder Deleted : C:\Documents and Settings\jody\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v21.0.1180.89

File : C:\Documents and Settings\jody\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [5362 octets] - [25/09/2012 18:21:37]

########## EOF - C:\AdwCleaner[S2].txt - [5422 octets] ##########

#9 Dragonlady24

Dragonlady24
  • Topic Starter

  • Members
  • 703 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Fox Lake,WI
  • Local time:12:28 PM

Posted 25 September 2012 - 06:43 PM

tdss scan i have avast and avast considers tdss a problem. ill have to disable avast the next time lol.
18:39:12.0750 3512 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:39:13.0546 3512 ============================================================
18:39:13.0546 3512 Current date / time: 2012/09/25 18:39:13.0546
18:39:13.0546 3512 SystemInfo:
18:39:13.0546 3512
18:39:13.0546 3512 OS Version: 5.1.2600 ServicePack: 3.0
18:39:13.0546 3512 Product type: Workstation
18:39:13.0546 3512 ComputerName: D9HB5S61
18:39:13.0562 3512 UserName: jody
18:39:13.0562 3512 Windows directory: C:\WINDOWS
18:39:13.0562 3512 System windows directory: C:\WINDOWS
18:39:13.0562 3512 Processor architecture: Intel x86
18:39:13.0562 3512 Number of processors: 1
18:39:13.0562 3512 Page size: 0x1000
18:39:13.0562 3512 Boot type: Normal boot
18:39:13.0562 3512 ============================================================
18:39:15.0703 3512 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:39:15.0734 3512 ============================================================
18:39:15.0734 3512 \Device\Harddisk0\DR0:
18:39:15.0734 3512 MBR partitions:
18:39:15.0734 3512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x8EA6D9F
18:39:15.0734 3512 ============================================================
18:39:15.0796 3512 C: <-> \Device\Harddisk0\DR0\Partition1
18:39:15.0812 3512 ============================================================
18:39:15.0812 3512 Initialize success
18:39:15.0812 3512 ============================================================
18:39:19.0125 2944 ============================================================
18:39:19.0125 2944 Scan started
18:39:19.0125 2944 Mode: Manual;
18:39:19.0125 2944 ============================================================
18:39:20.0984 2944 ================ Scan system memory ========================
18:39:20.0984 2944 Scan interrupted by user!
18:39:20.0984 2944 ================ Scan services =============================
18:39:20.0984 2944 Scan interrupted by user!
18:39:20.0984 2944 ================ Scan global ===============================
18:39:20.0984 2944 Scan interrupted by user!
18:39:20.0984 2944 ================ Scan MBR ==================================
18:39:20.0984 2944 Scan interrupted by user!
18:39:20.0984 2944 ================ Scan VBR ==================================
18:39:20.0984 2944 Scan interrupted by user!
18:39:20.0984 2944 ============================================================
18:39:20.0984 2944 Scan finished
18:39:20.0984 2944 ============================================================
18:39:21.0000 3756 Detected object count: 0
18:39:21.0000 3756 Actual detected object count: 0
18:39:38.0437 3404 ============================================================
18:39:38.0437 3404 Scan started
18:39:38.0437 3404 Mode: Manual; TDLFS;
18:39:38.0437 3404 ============================================================
18:39:38.0546 3404 ================ Scan system memory ========================
18:39:38.0546 3404 System memory - ok
18:39:38.0546 3404 ================ Scan services =============================
18:39:38.0640 3404 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
18:39:38.0640 3404 !SASCORE - ok
18:39:38.0765 3404 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
18:39:38.0781 3404 Aavmker4 - ok
18:39:38.0781 3404 Abiosdsk - ok
18:39:38.0828 3404 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
18:39:38.0828 3404 abp480n5 - ok
18:39:38.0875 3404 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:39:38.0906 3404 ACPI - ok
18:39:38.0937 3404 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
18:39:38.0937 3404 ACPIEC - ok
18:39:39.0031 3404 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:39:39.0062 3404 AdobeFlashPlayerUpdateSvc - ok
18:39:39.0109 3404 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
18:39:39.0109 3404 adpu160m - ok
18:39:39.0140 3404 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:39:39.0140 3404 aec - ok
18:39:39.0203 3404 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:39:39.0234 3404 AFD - ok
18:39:39.0250 3404 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
18:39:39.0250 3404 agp440 - ok
18:39:39.0281 3404 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
18:39:39.0281 3404 agpCPQ - ok
18:39:39.0296 3404 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
18:39:39.0296 3404 Aha154x - ok
18:39:39.0312 3404 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
18:39:39.0312 3404 aic78u2 - ok
18:39:39.0328 3404 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
18:39:39.0328 3404 aic78xx - ok
18:39:39.0375 3404 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:39:39.0390 3404 Alerter - ok
18:39:39.0406 3404 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
18:39:39.0406 3404 ALG - ok
18:39:39.0421 3404 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
18:39:39.0421 3404 AliIde - ok
18:39:39.0437 3404 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
18:39:39.0437 3404 alim1541 - ok
18:39:39.0437 3404 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
18:39:39.0453 3404 amdagp - ok
18:39:39.0453 3404 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
18:39:39.0453 3404 amsint - ok
18:39:39.0468 3404 AppMgmt - ok
18:39:39.0468 3404 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
18:39:39.0484 3404 asc - ok
18:39:39.0484 3404 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
18:39:39.0484 3404 asc3350p - ok
18:39:39.0500 3404 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
18:39:39.0500 3404 asc3550 - ok
18:39:39.0546 3404 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys
18:39:39.0546 3404 ASCTRM - ok
18:39:39.0640 3404 [ E1A1206A4FB19B675E947B29CCD25FBA ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
18:39:39.0640 3404 aspnet_state - ok
18:39:39.0687 3404 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:39:39.0687 3404 aswFsBlk - ok
18:39:39.0718 3404 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
18:39:39.0718 3404 aswMon2 - ok
18:39:39.0750 3404 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
18:39:39.0750 3404 AswRdr - ok
18:39:39.0781 3404 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
18:39:39.0812 3404 aswSnx - ok
18:39:39.0843 3404 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
18:39:39.0859 3404 aswSP - ok
18:39:39.0890 3404 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
18:39:39.0890 3404 aswTdi - ok
18:39:39.0937 3404 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:39:39.0937 3404 AsyncMac - ok
18:39:39.0968 3404 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:39:39.0968 3404 atapi - ok
18:39:39.0968 3404 Atdisk - ok
18:39:40.0000 3404 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:39:40.0000 3404 Atmarpc - ok
18:39:40.0046 3404 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:39:40.0062 3404 AudioSrv - ok
18:39:40.0093 3404 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:39:40.0109 3404 audstub - ok
18:39:40.0203 3404 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:39:40.0203 3404 avast! Antivirus - ok
18:39:40.0250 3404 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:39:40.0250 3404 Beep - ok
18:39:40.0312 3404 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
18:39:40.0437 3404 BITS - ok
18:39:40.0468 3404 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
18:39:40.0468 3404 Browser - ok
18:39:40.0484 3404 bvrp_pci - ok
18:39:40.0531 3404 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
18:39:40.0531 3404 cbidf - ok
18:39:40.0531 3404 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:39:40.0546 3404 cbidf2k - ok
18:39:40.0562 3404 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
18:39:40.0562 3404 cd20xrnt - ok
18:39:40.0593 3404 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:39:40.0593 3404 Cdaudio - ok
18:39:40.0625 3404 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:39:40.0625 3404 Cdfs - ok
18:39:40.0656 3404 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:39:40.0656 3404 Cdrom - ok
18:39:40.0671 3404 Changer - ok
18:39:40.0718 3404 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:39:40.0718 3404 CiSvc - ok
18:39:40.0718 3404 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:39:40.0718 3404 ClipSrv - ok
18:39:40.0750 3404 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
18:39:40.0750 3404 CmdIde - ok
18:39:40.0750 3404 COMSysApp - ok
18:39:40.0765 3404 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
18:39:40.0765 3404 Cpqarray - ok
18:39:40.0796 3404 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:39:40.0796 3404 CryptSvc - ok
18:39:40.0828 3404 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
18:39:40.0843 3404 dac2w2k - ok
18:39:40.0843 3404 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
18:39:40.0843 3404 dac960nt - ok
18:39:40.0890 3404 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:39:40.0937 3404 DcomLaunch - ok
18:39:40.0984 3404 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:39:40.0984 3404 Dhcp - ok
18:39:41.0031 3404 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:39:41.0046 3404 Disk - ok
18:39:41.0046 3404 dmadmin - ok
18:39:41.0125 3404 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:39:41.0156 3404 dmboot - ok
18:39:41.0203 3404 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:39:41.0218 3404 dmio - ok
18:39:41.0250 3404 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:39:41.0250 3404 dmload - ok
18:39:41.0281 3404 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:39:41.0281 3404 dmserver - ok
18:39:41.0312 3404 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:39:41.0312 3404 DMusic - ok
18:39:41.0359 3404 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:39:41.0359 3404 Dnscache - ok
18:39:41.0406 3404 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:39:41.0406 3404 Dot3svc - ok
18:39:41.0437 3404 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
18:39:41.0437 3404 dpti2o - ok
18:39:41.0468 3404 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:39:41.0484 3404 drmkaud - ok
18:39:41.0515 3404 [ B15F9E526BA511A48B1B1B8537815740 ] drvmcdb C:\WINDOWS\system32\drivers\drvmcdb.sys
18:39:41.0531 3404 drvmcdb - ok
18:39:41.0546 3404 [ FA4670CAE95AE2BB857C68E535661145 ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
18:39:41.0562 3404 drvnddm - ok
18:39:41.0609 3404 [ 7D91DC6342248369F94D6EBA0CF42E99 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
18:39:41.0640 3404 E100B - ok
18:39:41.0687 3404 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:39:41.0687 3404 EapHost - ok
18:39:41.0718 3404 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:39:41.0734 3404 ERSvc - ok
18:39:41.0750 3404 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
18:39:41.0765 3404 Eventlog - ok
18:39:41.0828 3404 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
18:39:41.0843 3404 EventSystem - ok
18:39:41.0859 3404 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:39:41.0859 3404 Fastfat - ok
18:39:41.0906 3404 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:39:41.0921 3404 FastUserSwitchingCompatibility - ok
18:39:41.0984 3404 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
18:39:42.0015 3404 Fax - ok
18:39:42.0062 3404 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
18:39:42.0062 3404 Fdc - ok
18:39:42.0109 3404 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:39:42.0109 3404 Fips - ok
18:39:42.0125 3404 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:39:42.0125 3404 Flpydisk - ok
18:39:42.0171 3404 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:39:42.0171 3404 FltMgr - ok
18:39:42.0203 3404 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:39:42.0203 3404 Fs_Rec - ok
18:39:42.0250 3404 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:39:42.0281 3404 Ftdisk - ok
18:39:42.0343 3404 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:39:42.0343 3404 Gpc - ok
18:39:42.0437 3404 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:39:42.0468 3404 gupdate - ok
18:39:42.0484 3404 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:39:42.0484 3404 gupdatem - ok
18:39:42.0546 3404 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:39:42.0546 3404 gusvc - ok
18:39:42.0625 3404 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:39:42.0625 3404 helpsvc - ok
18:39:42.0640 3404 HidServ - ok
18:39:42.0671 3404 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:39:42.0671 3404 HidUsb - ok
18:39:42.0734 3404 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:39:42.0765 3404 hkmsvc - ok
18:39:42.0796 3404 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
18:39:42.0796 3404 hpn - ok
18:39:42.0843 3404 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
18:39:42.0875 3404 HSFHWBS2 - ok
18:39:42.0937 3404 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
18:39:42.0984 3404 HSF_DP - ok
18:39:43.0031 3404 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:39:43.0062 3404 HTTP - ok
18:39:43.0109 3404 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:39:43.0125 3404 HTTPFilter - ok
18:39:43.0140 3404 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
18:39:43.0140 3404 i2omgmt - ok
18:39:43.0156 3404 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
18:39:43.0171 3404 i2omp - ok
18:39:43.0187 3404 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:39:43.0187 3404 i8042prt - ok
18:39:43.0265 3404 [ 9A883C3C4D91292C0D09DE7C728E781C ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
18:39:43.0296 3404 ialm - ok
18:39:43.0343 3404 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:39:43.0343 3404 Imapi - ok
18:39:43.0390 3404 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
18:39:43.0421 3404 ImapiService - ok
18:39:43.0437 3404 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
18:39:43.0437 3404 ini910u - ok
18:39:43.0453 3404 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
18:39:43.0453 3404 IntelIde - ok
18:39:43.0500 3404 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:39:43.0500 3404 intelppm - ok
18:39:43.0531 3404 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:39:43.0531 3404 Ip6Fw - ok
18:39:43.0562 3404 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:39:43.0578 3404 IpFilterDriver - ok
18:39:43.0593 3404 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:39:43.0593 3404 IpInIp - ok
18:39:43.0609 3404 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:39:43.0625 3404 IpNat - ok
18:39:43.0671 3404 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:39:43.0671 3404 IPSec - ok
18:39:43.0687 3404 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:39:43.0687 3404 IRENUM - ok
18:39:43.0718 3404 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:39:43.0718 3404 isapnp - ok
18:39:43.0781 3404 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
18:39:43.0781 3404 JavaQuickStarterService - ok
18:39:43.0812 3404 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:39:43.0812 3404 Kbdclass - ok
18:39:43.0859 3404 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:39:43.0859 3404 kmixer - ok
18:39:43.0906 3404 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:39:43.0906 3404 KSecDD - ok
18:39:43.0937 3404 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
18:39:43.0953 3404 lanmanserver - ok
18:39:44.0000 3404 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:39:44.0046 3404 lanmanworkstation - ok
18:39:44.0046 3404 lbrtfdc - ok
18:39:44.0093 3404 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:39:44.0109 3404 LmHosts - ok
18:39:44.0140 3404 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
18:39:44.0140 3404 MBAMProtector - ok
18:39:44.0187 3404 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:39:44.0218 3404 MBAMScheduler - ok
18:39:44.0265 3404 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:39:44.0296 3404 MBAMService - ok
18:39:44.0343 3404 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
18:39:44.0343 3404 mdmxsdk - ok
18:39:44.0390 3404 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:39:44.0406 3404 Messenger - ok
18:39:44.0437 3404 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:39:44.0437 3404 mnmdd - ok
18:39:44.0468 3404 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:39:44.0484 3404 mnmsrvc - ok
18:39:44.0500 3404 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:39:44.0500 3404 Modem - ok
18:39:44.0515 3404 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
18:39:44.0515 3404 MODEMCSA - ok
18:39:44.0531 3404 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:39:44.0531 3404 Mouclass - ok
18:39:44.0578 3404 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:39:44.0578 3404 mouhid - ok
18:39:44.0609 3404 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:39:44.0609 3404 MountMgr - ok
18:39:44.0640 3404 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
18:39:44.0640 3404 mraid35x - ok
18:39:44.0656 3404 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:39:44.0671 3404 MRxDAV - ok
18:39:44.0734 3404 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:39:44.0765 3404 MRxSmb - ok
18:39:44.0812 3404 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
18:39:44.0828 3404 MSDTC - ok
18:39:44.0843 3404 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:39:44.0843 3404 Msfs - ok
18:39:44.0859 3404 MSIServer - ok
18:39:44.0875 3404 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:39:44.0875 3404 MSKSSRV - ok
18:39:44.0921 3404 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:39:44.0921 3404 MSPCLOCK - ok
18:39:44.0953 3404 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:39:44.0953 3404 MSPQM - ok
18:39:44.0984 3404 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:39:44.0984 3404 mssmbios - ok
18:39:45.0015 3404 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:39:45.0015 3404 Mup - ok
18:39:45.0078 3404 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:39:45.0093 3404 napagent - ok
18:39:45.0109 3404 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:39:45.0125 3404 NDIS - ok
18:39:45.0171 3404 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:39:45.0171 3404 NdisTapi - ok
18:39:45.0203 3404 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:39:45.0218 3404 Ndisuio - ok
18:39:45.0234 3404 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:39:45.0250 3404 NdisWan - ok
18:39:45.0281 3404 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:39:45.0281 3404 NDProxy - ok
18:39:45.0328 3404 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:39:45.0328 3404 NetBIOS - ok
18:39:45.0343 3404 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:39:45.0359 3404 NetBT - ok
18:39:45.0390 3404 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
18:39:45.0406 3404 NetDDE - ok
18:39:45.0406 3404 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:39:45.0421 3404 NetDDEdsdm - ok
18:39:45.0453 3404 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:39:45.0468 3404 Netlogon - ok
18:39:45.0515 3404 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
18:39:45.0531 3404 Netman - ok
18:39:45.0625 3404 [ 02D0798F376FCBD0210EDA58476D0B1B ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
18:39:45.0671 3404 NetSvc - ok
18:39:45.0687 3404 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
18:39:45.0703 3404 Nla - ok
18:39:45.0750 3404 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:39:45.0750 3404 Npfs - ok
18:39:45.0781 3404 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:39:45.0796 3404 Ntfs - ok
18:39:45.0812 3404 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:39:45.0828 3404 NtLmSsp - ok
18:39:45.0890 3404 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:39:45.0953 3404 NtmsSvc - ok
18:39:45.0984 3404 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
18:39:45.0984 3404 Null - ok
18:39:46.0062 3404 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:39:46.0125 3404 nv - ok
18:39:46.0156 3404 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:39:46.0171 3404 NwlnkFlt - ok
18:39:46.0171 3404 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:39:46.0171 3404 NwlnkFwd - ok
18:39:46.0218 3404 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:39:46.0218 3404 Parport - ok
18:39:46.0250 3404 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:39:46.0250 3404 PartMgr - ok
18:39:46.0281 3404 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:39:46.0281 3404 ParVdm - ok
18:39:46.0312 3404 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:39:46.0312 3404 PCI - ok
18:39:46.0328 3404 PCIDump - ok
18:39:46.0328 3404 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:39:46.0328 3404 PCIIde - ok
18:39:46.0390 3404 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:39:46.0390 3404 Pcmcia - ok
18:39:46.0406 3404 PDCOMP - ok
18:39:46.0421 3404 PDFRAME - ok
18:39:46.0421 3404 PDRELI - ok
18:39:46.0437 3404 PDRFRAME - ok
18:39:46.0437 3404 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
18:39:46.0437 3404 perc2 - ok
18:39:46.0453 3404 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
18:39:46.0453 3404 perc2hib - ok
18:39:46.0500 3404 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
18:39:46.0500 3404 PlugPlay - ok
18:39:46.0515 3404 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:39:46.0515 3404 PolicyAgent - ok
18:39:46.0562 3404 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:39:46.0562 3404 PptpMiniport - ok
18:39:46.0562 3404 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:39:46.0578 3404 ProtectedStorage - ok
18:39:46.0593 3404 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:39:46.0593 3404 PSched - ok
18:39:46.0609 3404 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:39:46.0625 3404 Ptilink - ok
18:39:46.0640 3404 [ 30CBAE0A34359F1CD19D1576245149ED ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:39:46.0656 3404 PxHelp20 - ok
18:39:46.0671 3404 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
18:39:46.0671 3404 ql1080 - ok
18:39:46.0687 3404 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
18:39:46.0687 3404 Ql10wnt - ok
18:39:46.0703 3404 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
18:39:46.0703 3404 ql12160 - ok
18:39:46.0734 3404 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
18:39:46.0734 3404 ql1240 - ok
18:39:46.0750 3404 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
18:39:46.0750 3404 ql1280 - ok
18:39:46.0765 3404 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:39:46.0765 3404 RasAcd - ok
18:39:46.0812 3404 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:39:46.0828 3404 RasAuto - ok
18:39:46.0843 3404 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:39:46.0843 3404 Rasl2tp - ok
18:39:46.0906 3404 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:39:46.0937 3404 RasMan - ok
18:39:46.0968 3404 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:39:46.0968 3404 RasPppoe - ok
18:39:47.0000 3404 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:39:47.0000 3404 Raspti - ok
18:39:47.0046 3404 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:39:47.0078 3404 Rdbss - ok
18:39:47.0093 3404 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:39:47.0093 3404 RDPCDD - ok
18:39:47.0156 3404 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:39:47.0171 3404 rdpdr - ok
18:39:47.0218 3404 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:39:47.0250 3404 RDPWD - ok
18:39:47.0296 3404 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:39:47.0312 3404 RDSessMgr - ok
18:39:47.0328 3404 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:39:47.0328 3404 redbook - ok
18:39:47.0375 3404 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:39:47.0390 3404 RemoteAccess - ok
18:39:47.0437 3404 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
18:39:47.0437 3404 RpcLocator - ok
18:39:47.0468 3404 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:39:47.0484 3404 RpcSs - ok
18:39:47.0531 3404 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:39:47.0531 3404 RSVP - ok
18:39:47.0562 3404 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
18:39:47.0562 3404 SamSs - ok
18:39:47.0593 3404 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:39:47.0609 3404 SASDIFSV - ok
18:39:47.0625 3404 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:39:47.0625 3404 SASKUTIL - ok
18:39:47.0656 3404 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:39:47.0671 3404 SCardSvr - ok
18:39:47.0718 3404 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:39:47.0734 3404 Schedule - ok
18:39:47.0765 3404 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:39:47.0765 3404 Secdrv - ok
18:39:47.0812 3404 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:39:47.0812 3404 seclogon - ok
18:39:47.0890 3404 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
18:39:47.0968 3404 senfilt - ok
18:39:48.0000 3404 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
18:39:48.0015 3404 SENS - ok
18:39:48.0046 3404 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:39:48.0046 3404 serenum - ok
18:39:48.0062 3404 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:39:48.0078 3404 Serial - ok
18:39:48.0093 3404 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:39:48.0093 3404 Sfloppy - ok
18:39:48.0187 3404 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:39:48.0265 3404 SharedAccess - ok
18:39:48.0312 3404 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:39:48.0328 3404 ShellHWDetection - ok
18:39:48.0343 3404 Simbad - ok
18:39:48.0390 3404 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
18:39:48.0390 3404 sisagp - ok
18:39:48.0453 3404 [ 86C4D93B7B7818D066C52FDB03C6C921 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
18:39:48.0500 3404 smwdm - ok
18:39:48.0546 3404 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
18:39:48.0546 3404 Sparrow - ok
18:39:48.0578 3404 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:39:48.0578 3404 splitter - ok
18:39:48.0609 3404 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:39:48.0625 3404 Spooler - ok
18:39:48.0671 3404 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:39:48.0671 3404 sr - ok
18:39:48.0718 3404 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
18:39:48.0734 3404 srservice - ok
18:39:48.0781 3404 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:39:48.0828 3404 Srv - ok
18:39:48.0859 3404 [ D7968049BE0ADBB6A57CEE3960320911 ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
18:39:48.0859 3404 sscdbhk5 - ok
18:39:48.0875 3404 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:39:48.0890 3404 SSDPSRV - ok
18:39:48.0906 3404 [ C3FFD65ABFB6441E7606CF74F1155273 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
18:39:48.0906 3404 ssrtln - ok
18:39:48.0953 3404 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:39:49.0015 3404 stisvc - ok
18:39:49.0031 3404 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:39:49.0031 3404 swenum - ok
18:39:49.0078 3404 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:39:49.0078 3404 swmidi - ok
18:39:49.0093 3404 SwPrv - ok
18:39:49.0109 3404 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
18:39:49.0109 3404 symc810 - ok
18:39:49.0109 3404 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
18:39:49.0125 3404 symc8xx - ok
18:39:49.0140 3404 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
18:39:49.0140 3404 sym_hi - ok
18:39:49.0156 3404 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
18:39:49.0156 3404 sym_u3 - ok
18:39:49.0171 3404 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:39:49.0171 3404 sysaudio - ok
18:39:49.0218 3404 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:39:49.0234 3404 SysmonLog - ok
18:39:49.0265 3404 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:39:49.0281 3404 TapiSrv - ok
18:39:49.0328 3404 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:39:49.0343 3404 Tcpip - ok
18:39:49.0390 3404 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:39:49.0390 3404 TDPIPE - ok
18:39:49.0390 3404 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:39:49.0406 3404 TDTCP - ok
18:39:49.0437 3404 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:39:49.0437 3404 TermDD - ok
18:39:49.0500 3404 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
18:39:49.0531 3404 TermService - ok
18:39:49.0593 3404 [ 1D265CD2FB1673A0873BF8CEC19DDC7F ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
18:39:49.0609 3404 tfsnboio - ok
18:39:49.0609 3404 [ 62E4901295E0467CAC78E5B4B131AE5C ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
18:39:49.0609 3404 tfsncofs - ok
18:39:49.0625 3404 [ A2F380F9252AB3464C859ADF91EEAD9C ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
18:39:49.0625 3404 tfsndrct - ok
18:39:49.0640 3404 [ EEE79BBEFE9C6A2A3CE6C8753CFEA950 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
18:39:49.0640 3404 tfsndres - ok
18:39:49.0656 3404 [ 9D644EB11FEC9487450C4CFCD63A5DF4 ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
18:39:49.0656 3404 tfsnifs - ok
18:39:49.0671 3404 [ E656AF05C67EDB7C0E9230A5DF71ED1B ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
18:39:49.0671 3404 tfsnopio - ok
18:39:49.0687 3404 [ 64FCCB9CCE703CA507DFFC3CEBF6B2CB ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
18:39:49.0687 3404 tfsnpool - ok
18:39:49.0703 3404 [ 48BC9D8AB4E4B9BFF70FB18E55CEC3D6 ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
18:39:49.0703 3404 tfsnudf - ok
18:39:49.0718 3404 [ 79F60822224256B49BFC855DA8D651D5 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
18:39:49.0718 3404 tfsnudfa - ok
18:39:49.0734 3404 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
18:39:49.0750 3404 Themes - ok
18:39:49.0765 3404 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
18:39:49.0765 3404 TosIde - ok
18:39:49.0812 3404 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:39:49.0812 3404 TrkWks - ok
18:39:49.0843 3404 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:39:49.0859 3404 Udfs - ok
18:39:49.0859 3404 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
18:39:49.0859 3404 ultra - ok
18:39:49.0953 3404 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:39:49.0984 3404 Update - ok
18:39:50.0031 3404 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:39:50.0046 3404 upnphost - ok
18:39:50.0078 3404 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
18:39:50.0093 3404 UPS - ok
18:39:50.0125 3404 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
18:39:50.0125 3404 usbaudio - ok
18:39:50.0140 3404 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:39:50.0156 3404 usbccgp - ok
18:39:50.0171 3404 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:39:50.0171 3404 usbehci - ok
18:39:50.0203 3404 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:39:50.0203 3404 usbhub - ok
18:39:50.0234 3404 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:39:50.0234 3404 usbprint - ok
18:39:50.0234 3404 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:39:50.0250 3404 usbscan - ok
18:39:50.0250 3404 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:39:50.0250 3404 USBSTOR - ok
18:39:50.0281 3404 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:39:50.0281 3404 usbuhci - ok
18:39:50.0312 3404 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:39:50.0312 3404 VgaSave - ok
18:39:50.0359 3404 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
18:39:50.0359 3404 viaagp - ok
18:39:50.0390 3404 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
18:39:50.0390 3404 ViaIde - ok
18:39:50.0406 3404 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:39:50.0406 3404 VolSnap - ok
18:39:50.0468 3404 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
18:39:50.0484 3404 VSS - ok
18:39:50.0515 3404 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
18:39:50.0546 3404 w32time - ok
18:39:50.0562 3404 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:39:50.0562 3404 Wanarp - ok
18:39:50.0578 3404 wanatw - ok
18:39:50.0578 3404 WDICA - ok
18:39:50.0625 3404 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:39:50.0640 3404 wdmaud - ok
18:39:50.0671 3404 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:39:50.0687 3404 WebClient - ok
18:39:50.0750 3404 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
18:39:50.0796 3404 winachsf - ok
18:39:50.0875 3404 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:39:50.0906 3404 winmgmt - ok
18:39:50.0953 3404 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:39:50.0968 3404 WmdmPmSN - ok
18:39:51.0000 3404 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:39:51.0015 3404 WmiApSrv - ok
18:39:51.0093 3404 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
18:39:51.0140 3404 WMPNetworkSvc - ok
18:39:51.0171 3404 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
18:39:51.0171 3404 WpdUsb - ok
18:39:51.0234 3404 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:39:51.0234 3404 wscsvc - ok
18:39:51.0281 3404 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:39:51.0328 3404 wuauserv - ok
18:39:51.0390 3404 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:39:51.0390 3404 WudfPf - ok
18:39:51.0421 3404 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:39:51.0468 3404 WudfRd - ok
18:39:51.0500 3404 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
18:39:51.0500 3404 WudfSvc - ok
18:39:51.0562 3404 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:39:51.0609 3404 WZCSVC - ok
18:39:51.0671 3404 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:39:51.0687 3404 xmlprov - ok
18:39:51.0750 3404 [ B8F451C48E8C5580C3B4521A17A52149 ] ZD1211BU(Atheros) C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
18:39:51.0781 3404 ZD1211BU(Atheros) - ok
18:39:51.0796 3404 [ 00AE175B903D45ED4A62384D3315DC2A ] ZDPSp50 C:\WINDOWS\system32\Drivers\ZDPSp50.sys
18:39:51.0812 3404 ZDPSp50 - ok
18:39:51.0812 3404 ================ Scan global ===============================
18:39:51.0859 3404 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:39:51.0937 3404 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:39:51.0984 3404 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:39:52.0000 3404 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:39:52.0015 3404 [Global] - ok
18:39:52.0015 3404 ================ Scan MBR ==================================
18:39:52.0031 3404 [ A03E065717CB65F3034AD33AD58B6BBA ] \Device\Harddisk0\DR0
18:39:52.0281 3404 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:39:52.0281 3404 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:39:52.0281 3404 ================ Scan VBR ==================================
18:39:52.0328 3404 [ 1BCBBA0962598C531443817613B91537 ] \Device\Harddisk0\DR0\Partition1
18:39:52.0328 3404 \Device\Harddisk0\DR0\Partition1 - ok
18:39:52.0328 3404 ============================================================
18:39:52.0328 3404 Scan finished
18:39:52.0328 3404 ============================================================
18:39:52.0343 3744 Detected object count: 1
18:39:52.0343 3744 Actual detected object count: 1
18:40:14.0625 3744 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
18:40:14.0656 3744 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
18:40:14.0718 3744 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
18:40:14.0718 3744 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:40:31.0734 3744 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:40:31.0765 3744 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:40:32.0421 3744 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:40:32.0671 3744 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:40:33.0093 3744 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:40:33.0453 3744 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:40:33.0828 3744 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:28 PM

Posted 25 September 2012 - 06:51 PM

all the stuff you had me download is making chrome and my computer slow.


We will get to that i assure you that will be taken care of You can go ahead and uninstall Supersntispyware it is the only thing that could have possibly slowed you mahcine down the other stuff does not run unless you run it.So for the other programs to slow your machine that is impossible.


Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. Click the Start button to begin the cleaning process and let it run uninterrupted to completion.Important! If TFC prompts you to reboot, please do so immediately.


Also open msconfig and disable everything except your antivirus and reboot.
http://www.netsquirrel.com/msconfig/index.html

Download Norman Malware Cleaner Run it Hit the quick scan>>>>>>>>Let it finish>>>>>>>>Go to the quarantine Tab>>>>>>> Tick the Select All>>>>>Then the Delete>>>>>>Quit
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe


REBoot after Norman.


Run the program below as admin hit the scan button allow it to finish then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe



Hit the start button and type services.msc scroll down to the dns client service right click it and select properties then change the startup type to disabled.Then stop the service.

Reboot your machine.

Run Rkill post the log it creates.
http://www.bleepingcomputer.com/download/rkill/

Edited by InadequateInfirmity, 25 September 2012 - 06:54 PM.


#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:28 PM

Posted 25 September 2012 - 06:54 PM

Post the log from Rouge killer as well please.Also a log will appear on your desktop after you run norman please post that here.

Edited by InadequateInfirmity, 25 September 2012 - 07:05 PM.


#12 Dragonlady24

Dragonlady24
  • Topic Starter

  • Members
  • 703 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Fox Lake,WI
  • Local time:12:28 PM

Posted 25 September 2012 - 07:04 PM

why disable the dns client. i have wireless wont that stop the wireless from working?

#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:28 PM

Posted 25 September 2012 - 07:07 PM

why disable the dns client. i have wireless wont that stop the wireless from working?


Not needed I am typing from my machine with that service disabled it ususally slows down the internet actually.

#14 Dragonlady24

Dragonlady24
  • Topic Starter

  • Members
  • 703 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Fox Lake,WI
  • Local time:12:28 PM

Posted 25 September 2012 - 07:31 PM

ok. it seems tfc wont work. it gets to stopping processes and just hangs. that and im not sure if i should disable all these processes as most of them are needed.

Edited by Dragonlady24, 25 September 2012 - 07:35 PM.


#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:28 PM

Posted 25 September 2012 - 07:34 PM

Ok That usually means there is a build up of temp files Download ATF cleaner then tick all boxes and then hit empty selected.
http://www.atribune.org/downloads/ATF-Cleaner.exe

Continue with the instructions. :thumbup2:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users