
Being Redirected


19 replies to this topic

#1 sceniccityred

sceniccityred

  • Members
  • 13 posts

Posted 12 October 2012 - 09:12 PM



Hello,
I was referred by a friend who has received help on your site for their troubled computer and I am seeking the same. I am running Windows XP and for about two weeks, when clicking on links, I am redirected to some sites I have never seen.

I have run Microsoft Security Essentials but am still having the problem.

Any help you could give me would be appreciated!

Sceniccityred


*** Mod Edit: Moved topic from to the more appropriate forum. ~ bloopie ***


Edited by bloopie, 12 October 2012 - 09:26 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 12 October 2012 - 09:13 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 sceniccityred

sceniccityred
  • Topic Starter


Posted 13 October 2012 - 02:41 PM

Thanks so much. Here is the list. I am going to reboot and see how it goes. Thanks again!

C:\Documents and Settings\Owner\My Documents\Downloads\cnet2_imdemosetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\PDFCreatorSetup.exe a variant of Win32/InstallCore.F application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\PDFReaderSetup.exe a variant of Win32/InstallCore.F application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\clipartcollection_1339.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\freefileviewer_2_1283.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\couponprinter (14).exe probably a variant of Win32/Adware.Softomate.AD application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\couponprinter (6).exe probably a variant of Win32/Adware.Softomate.AD application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\PDFCreatorSetup (1).exe probably a variant of Win32/InstallCore.H application deleted - quarantined
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadbgbgdgddhgcdageggdjdddegbdhdf\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadbgbgdgddhgcdageggdjdddegbdhdf\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Program Files\I Want This\I Want This.dll Win32/Toolbar.CrossRider application cleaned by deleting - quarantined

#4 narenxp

narenxp


Posted 13 October 2012 - 02:50 PM

TDSSkiller and ASWMBR logs?

#5 sceniccityred

sceniccityred
  • Topic Starter


Posted 13 October 2012 - 04:14 PM

ASWMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-13 16:58:21
-----------------------------
16:58:21.705 OS Version: Windows 5.1.2600 Service Pack 3
16:58:21.705 Number of processors: 1 586 0x209
16:58:21.705 ComputerName: DONNA-P1H6ZMSNM UserName: Owner
16:58:23.142 Initialize success
16:59:48.606 AVAST engine defs: 12101301
17:01:15.710 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:01:15.710 Disk 0 Vendor: WDC_WD3200AVJB-63WKA0 00.02C01 Size: 305245MB BusType: 3
17:01:15.742 Disk 0 MBR read successfully
17:01:15.742 Disk 0 MBR scan
17:01:16.335 Disk 0 Windows XP default MBR code
17:01:16.367 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305234 MB offset 63
17:01:16.648 Disk 0 scanning sectors +625121280
17:01:16.992 Disk 0 scanning C:\WINDOWS\system32\drivers
17:01:55.715 Service scanning
17:02:15.092 Service MpKsl8614c0b8 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{217414C1-8917-4592-8AB7-9D12542FAD15}\MpKsl8614c0b8.sys **LOCKED** 32
17:02:31.969 Modules scanning
17:02:37.845 Disk 0 trace - called modules:
17:02:37.876 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
17:02:38.282 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82f81ab8]
17:02:38.298 3 CLASSPNP.SYS[f75a5fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82f90b00]
17:02:40.626 AVAST engine scan C:\WINDOWS
17:03:09.958 AVAST engine scan C:\WINDOWS\system32
17:09:08.312 AVAST engine scan C:\WINDOWS\system32\drivers
17:09:50.160 AVAST engine scan C:\Documents and Settings\Owner
17:12:52.072 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
17:12:52.103 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"

#6 sceniccityred

sceniccityred
  • Topic Starter


Posted 13 October 2012 - 04:20 PM

13:32:35.0437 2220 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
13:32:35.0828 2220 ============================================================
13:32:35.0828 2220 Current date / time: 2012/10/13 13:32:35.0828
13:32:35.0828 2220 SystemInfo:
13:32:35.0828 2220
13:32:35.0828 2220 OS Version: 5.1.2600 ServicePack: 3.0
13:32:35.0828 2220 Product type: Workstation
13:32:35.0828 2220 ComputerName: DONNA-P1H6ZMSNM
13:32:35.0828 2220 UserName: Owner
13:32:35.0828 2220 Windows directory: C:\WINDOWS
13:32:35.0828 2220 System windows directory: C:\WINDOWS
13:32:35.0828 2220 Processor architecture: Intel x86
13:32:35.0828 2220 Number of processors: 1
13:32:35.0828 2220 Page size: 0x1000
13:32:35.0828 2220 Boot type: Normal boot
13:32:35.0828 2220 ============================================================
13:32:51.0109 2220 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:32:51.0390 2220 ============================================================
13:32:51.0390 2220 \Device\Harddisk0\DR0:
13:32:51.0687 2220 MBR partitions:
13:32:51.0734 2220 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
13:32:51.0734 2220 ============================================================
13:32:52.0515 2220 C: <-> \Device\Harddisk0\DR0\Partition1
13:32:52.0515 2220 ============================================================
13:32:52.0515 2220 Initialize success
13:32:52.0515 2220 ============================================================
13:33:37.0234 3324 ============================================================
13:33:37.0234 3324 Scan started
13:33:37.0234 3324 Mode: Manual; TDLFS;
13:33:37.0234 3324 ============================================================
13:33:38.0968 3324 ================ Scan system memory ========================
13:33:46.0453 3324 System memory - ok
13:33:46.0453 3324 ================ Scan services =============================
13:34:22.0140 3324 Sparrow - ok
13:34:22.0203 3324 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:34:22.0203 3324 splitter - ok
13:34:22.0265 3324 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:34:22.0265 3324 Spooler - ok
13:34:22.0296 3324 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:34:22.0312 3324 sr - ok
13:34:22.0375 3324 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\System32\srsvc.dll
13:34:22.0390 3324 srservice - ok
13:34:22.0453 3324 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:34:22.0468 3324 Srv - ok
13:34:22.0500 3324 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:34:22.0515 3324 SSDPSRV - ok
13:34:22.0609 3324 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:34:22.0625 3324 stisvc - ok
13:34:22.0671 3324 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:34:22.0671 3324 streamip - ok
13:34:22.0781 3324 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:34:22.0781 3324 swenum - ok
13:34:22.0812 3324 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:34:22.0812 3324 swmidi - ok
13:34:22.0828 3324 SwPrv - ok
13:34:22.0859 3324 symc810 - ok
13:34:22.0875 3324 symc8xx - ok
13:34:22.0875 3324 sym_hi - ok
13:34:22.0890 3324 sym_u3 - ok
13:34:22.0953 3324 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:34:22.0968 3324 sysaudio - ok
13:34:23.0015 3324 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:34:23.0031 3324 SysmonLog - ok
13:34:23.0109 3324 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:34:23.0125 3324 TapiSrv - ok
13:34:23.0218 3324 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:34:23.0234 3324 Tcpip - ok
13:34:23.0281 3324 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:34:23.0312 3324 TDPIPE - ok
13:34:23.0343 3324 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:34:23.0343 3324 TDTCP - ok
13:34:23.0406 3324 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:34:23.0421 3324 TermDD - ok
13:34:23.0468 3324 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
13:34:23.0500 3324 TermService - ok
13:34:23.0531 3324 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
13:34:23.0531 3324 Themes - ok
13:34:23.0546 3324 TosIde - ok
13:34:23.0578 3324 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:34:23.0609 3324 TrkWks - ok
13:34:23.0656 3324 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:34:23.0687 3324 Udfs - ok
13:34:23.0718 3324 ultra - ok
13:34:23.0828 3324 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:34:23.0859 3324 Update - ok
13:34:23.0906 3324 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:34:23.0921 3324 upnphost - ok
13:34:23.0984 3324 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
13:34:24.0000 3324 UPS - ok
13:34:24.0062 3324 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
13:34:24.0062 3324 usbaudio - ok
13:34:24.0140 3324 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:34:24.0156 3324 usbccgp - ok
13:34:24.0218 3324 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:34:24.0218 3324 usbehci - ok
13:34:24.0281 3324 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:34:24.0296 3324 usbhub - ok
13:34:24.0375 3324 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:34:24.0375 3324 usbprint - ok
13:34:24.0453 3324 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:34:24.0484 3324 usbscan - ok
13:34:24.0531 3324 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:34:24.0562 3324 USBSTOR - ok
13:34:24.0593 3324 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:34:24.0609 3324 usbuhci - ok
13:34:24.0640 3324 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:34:24.0656 3324 VgaSave - ok
13:34:24.0671 3324 ViaIde - ok
13:34:24.0828 3324 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:34:24.0843 3324 VolSnap - ok
13:34:24.0937 3324 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
13:34:24.0953 3324 VSS - ok
13:34:25.0031 3324 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\System32\w32time.dll
13:34:25.0062 3324 W32Time - ok
13:34:25.0093 3324 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:34:25.0109 3324 Wanarp - ok
13:34:25.0125 3324 WDICA - ok
13:34:25.0156 3324 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:34:25.0171 3324 wdmaud - ok
13:34:25.0234 3324 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:34:25.0250 3324 WebClient - ok
13:34:25.0421 3324 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:34:25.0421 3324 winmgmt - ok
13:34:25.0500 3324 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:34:25.0500 3324 WmdmPmSN - ok
13:34:25.0562 3324 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
13:34:25.0609 3324 WmiApSrv - ok
13:34:25.0859 3324 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:34:26.0046 3324 WMPNetworkSvc - ok
13:34:26.0109 3324 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:34:26.0109 3324 WpdUsb - ok
13:34:26.0203 3324 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:34:26.0203 3324 wscsvc - ok
13:34:26.0265 3324 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:34:26.0265 3324 WSTCODEC - ok
13:34:26.0328 3324 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:34:26.0328 3324 wuauserv - ok
13:34:26.0421 3324 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:34:26.0453 3324 WudfPf - ok
13:34:26.0484 3324 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:34:26.0515 3324 WudfRd - ok
13:34:26.0578 3324 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:34:26.0593 3324 WudfSvc - ok
13:34:26.0765 3324 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:34:26.0812 3324 WZCSVC - ok
13:34:26.0890 3324 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:34:26.0921 3324 xmlprov - ok
13:34:27.0078 3324 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:34:27.0125 3324 YahooAUService - ok
13:34:27.0234 3324 [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
13:34:27.0250 3324 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
13:34:27.0281 3324 [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
13:34:27.0281 3324 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
13:34:27.0296 3324 ================ Scan global ===============================
13:34:27.0390 3324 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
13:34:27.0468 3324 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:34:27.0515 3324 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:34:27.0546 3324 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
13:34:27.0546 3324 [Global] - ok
13:34:27.0562 3324 ================ Scan MBR ==================================
13:34:27.0593 3324 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
13:34:29.0125 3324 \Device\Harddisk0\DR0 - ok
13:34:29.0125 3324 ================ Scan VBR ==================================
13:34:29.0140 3324 [ 1C46DCA58252706B340ECF7B35F5F151 ] \Device\Harddisk0\DR0\Partition1
13:34:29.0140 3324 \Device\Harddisk0\DR0\Partition1 - ok
13:34:29.0140 3324 ============================================================
13:34:29.0140 3324 Scan finished
13:34:29.0140 3324 ============================================================
13:34:29.0234 2388 Detected object count: 0
13:34:29.0234 2388 Actual detected object count: 0
15:42:07.0062 2632 Deinitialize success

#7 narenxp


Posted 13 October 2012 - 04:22 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.

#8 sceniccityred


Posted 14 October 2012 - 07:56 PM

Log for Malware Bytes:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.14.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: DONNA-P1H6ZMSNM [administrator]

10/14/2012 7:15:35 PM
mbam-log-2012-10-14 (19-15-35).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 285732
Time elapsed: 1 hour(s), 38 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 20
HKCU\SOFTWARE\I WANT THIS (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKCU\Software\I Want This|HelperRunningVersion (PUP.GamesPlayLab) -> Data: 149 -> No action taken.
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 19a3df7ccf8d537537b3a180ed0f1015 -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Program Files\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Files Detected: 10
C:\Program Files\I Want This\I Want This.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want ThisGui.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\Uninstall.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB72B945-46CE-4066-AD2C-3F9C3E4D1DAB}\RP1902\A0096454.dll (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB72B945-46CE-4066-AD2C-3F9C3E4D1DAB}\RP1902\A0096455.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB72B945-46CE-4066-AD2C-3F9C3E4D1DAB}\RP1902\A0096458.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB72B945-46CE-4066-AD2C-3F9C3E4D1DAB}\RP1902\A0096459.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EB72B945-46CE-4066-AD2C-3F9C3E4D1DAB}\RP1915\A0097903.dll (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want This.ini (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want This.ico (Adware.GamePlayLab) -> Quarantined and deleted successfully.

(end)

#9 sceniccityred


Posted 14 October 2012 - 08:06 PM

Mini Toolbox Log:
MiniToolBox by Farbar Version: 23-07-2012
Ran by Owner (administrator) on 14-10-2012 at 21:04:40
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : donna-p1h6zmsnm

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.tn.comcast.net.



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : hsd1.tn.comcast.net.

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

Physical Address. . . . . . . . . : 00-0D-56-56-1F-74

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 10.0.0.12

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.0.0.1

DHCP Server . . . . . . . . . . . : 10.0.0.1

DNS Servers . . . . . . . . . . . : 75.75.75.75

75.75.76.76

Lease Obtained. . . . . . . . . . : Sunday, October 14, 2012 8:59:17 PM

Lease Expires . . . . . . . . . . : Sunday, October 21, 2012 8:59:17 PM

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 74.125.137.139, 74.125.137.102, 74.125.137.138, 74.125.137.100
74.125.137.101, 74.125.137.113



Pinging google.com [74.125.137.102] with 32 bytes of data:



Reply from 74.125.137.102: bytes=32 time=25ms TTL=45

Reply from 74.125.137.102: bytes=32 time=33ms TTL=45



Ping statistics for 74.125.137.102:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 25ms, Maximum = 33ms, Average = 29ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=250ms TTL=47

Reply from 72.30.38.140: bytes=32 time=92ms TTL=47



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 92ms, Maximum = 250ms, Average = 171ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0d 56 56 1f 74 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.12 20
10.0.0.0 255.255.255.0 10.0.0.12 10.0.0.12 20
10.0.0.12 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.0.0.12 10.0.0.12 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 10.0.0.12 10.0.0.12 20
224.0.0.0 240.0.0.0 10.0.0.12 10.0.0.12 20
255.255.255.255 255.255.255.255 10.0.0.12 10.0.0.12 1
Default Gateway: 10.0.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/06/2012 04:03:14 PM) (Source: MPSampleSubmission) (User: )
Description: EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 1.1.8800.0, P3 1.137.1239.0, P4 1.137.1239.0, P5 backdoor_win32_qakbot.o, P6 NIL, P7 NIL, P8 NIL, P9 avsubmit0, P10 avsubmit1.

Error: (10/06/2012 05:57:14 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.1.522.0, P3 timeout, P4 1.1.8800.0, P5 fixed, P6 1 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (09/29/2012 07:22:10 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.0.1526.0, P3 timeout, P4 1.1.8800.0, P5 fixed, P6 1 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (09/16/2012 10:43:37 AM) (Source: Microsoft Office 10) (User: )
Description: Rejected Safe Mode action : Microsoft Word.

Error: (09/06/2012 09:37:14 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/07/2012 06:11:36 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application aiohomecenter.exe, version 4.2.7.7, stamp 4a790ef0, faulting module kds.ds, version 9.53.16.0, stamp 4a6e68e1, debug? 0, fault address 0x000192da.

Error: (08/07/2012 06:10:29 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application aiohomecenter.exe, version 4.2.7.7, stamp 4a790ef0, faulting module kds.ds, version 9.53.16.0, stamp 4a6e68e1, debug? 0, fault address 0x000192da.

Error: (08/07/2012 06:09:38 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application aiohomecenter.exe, version 4.2.7.7, stamp 4a790ef0, faulting module kds.ds, version 9.53.16.0, stamp 4a6e68e1, debug? 0, fault address 0x000192da.

Error: (08/07/2012 06:05:37 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application aiohomecenter.exe, version 4.2.7.7, stamp 4a790ef0, faulting module kds.ds, version 9.53.16.0, stamp 4a6e68e1, debug? 0, fault address 0x000192da.

Error: (08/07/2012 06:04:31 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application aiohomecenter.exe, version 4.2.7.7, stamp 4a790ef0, faulting module kds.ds, version 9.53.16.0, stamp 4a6e68e1, debug? 0, fault address 0x000192da.


System errors:
=============
Error: (10/14/2012 08:59:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde
Lbd

Error: (10/14/2012 08:59:30 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (10/13/2012 03:44:28 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (10/13/2012 03:44:25 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (10/12/2012 10:09:29 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMIKENetBT_Tcpip_{2B036602-9D3F-4D4D-A679

Error: (10/11/2012 08:12:29 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (10/11/2012 08:12:25 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (10/10/2012 10:09:19 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMIKENetBT_Tcpip_{2B036602-9D3F-4D4D-A679

Error: (10/07/2012 08:11:44 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (10/07/2012 08:11:41 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (10/06/2012 04:03:14 PM) (Source: MPSampleSubmission)(User: )
Description: avsubmitmicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)1.1.8800.01.137.1239.01.137.1239.0backdoor_win32_qakbot.oNILNILNILNILNIL

Error: (10/06/2012 05:57:14 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetrymicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)4.1.522.0timeout1.1.8800.0fixed1 _ 10245 _ not bootNILNILNIL

Error: (09/29/2012 07:22:10 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetrymicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)4.0.1526.0timeout1.1.8800.0fixed1 _ 10245 _ not bootNILNILNIL

Error: (09/16/2012 10:43:37 AM) (Source: Microsoft Office 10)(User: )
Description: Microsoft WordWord failed to start correctly last time. Starting Word in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode.

Do you want to start Word in safe mode?

Error: (09/06/2012 09:37:14 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/07/2012 06:11:36 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: aiohomecenter.exe4.2.7.74a790ef0kds.ds9.53.16.04a6e68e10000192da

Error: (08/07/2012 06:10:29 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: aiohomecenter.exe4.2.7.74a790ef0kds.ds9.53.16.04a6e68e10000192da

Error: (08/07/2012 06:09:38 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: aiohomecenter.exe4.2.7.74a790ef0kds.ds9.53.16.04a6e68e10000192da

Error: (08/07/2012 06:05:37 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: aiohomecenter.exe4.2.7.74a790ef0kds.ds9.53.16.04a6e68e10000192da

Error: (08/07/2012 06:04:31 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: aiohomecenter.exe4.2.7.74a790ef0kds.ds9.53.16.04a6e68e10000192da


=========================== Installed Programs ============================

Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 6.2.3.10)
aioscnnr (Version: 7.3.4.0)
Apple Software Update (Version: 2.1.1.116)
BCM V.92 56K Modem
Bonjour (Version: 1.0.106)
Broadcom 440x 10/100 Integrated Controller (Version: 3.29)
C4USelfUpdater (Version: 1.00.0000)
center (Version: 6.2.5.0)
Clip Art Collection (Version: 1.0.0.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 4.0)
Coupon Printer for Windows (Version: 5.0.0.0)
Critical Update for Windows Media Player 11 (KB959772)
Dell ResourceCD
ESET Online Scanner v3
essentials (Version: 6.0.14.0)
GIMP 2.8.0 (Version: 2.8.0)
Google Chrome (Version: 22.0.1229.94)
Google Gmail Notifier
Google Talk (remove only)
Google Talk Plugin (Version: 3.9.1.9832)
Google Toolbar for Internet Explorer
Google Update Helper (Version: 1.3.21.123)
GoToMeeting 5.3.0.1009 (Version: 5.3.0.1009)
InstallIQ Updater (Version: 1.4.3.0)
Intel® Extreme Graphics Driver
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Kodak AIO Printer (Version: 7.5.0.0)
KODAK AiO Software (Version: 7.5.9.60)
ksDIP (Version: 3.20.0000.0000)
Logitech Audio Echo Cancellation Component (Version: 10.51.2027)
Logitech Video Enumerator (Version: 10.51.2027)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Word 2002 (Version: 10.0.6626.0)
Microsoft Works 2002 Setup Launcher
Microsoft Works 6.0 (Version: 06.00.0000)
Microsoft Works Suite Add-in for Microsoft Word (Version: 2.0.0.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
MVision (Version: 10.51.2027)
ocr (Version: 6.2.3.50)
Photo Viewer 3.10 (with Outlook Sync)
PreReq (Version: 6.2.4.0)
QuickTime (Version: 7.62.14.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
RealUpgrade 1.1 (Version: 1.1.0)
SoundMAX
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Unity Web Player (Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB973874) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.6513)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
Works Suite OS Pack (Version: 1.0.0.0000)
Works Synchronization (Version: 1.0.0.0000)
Yahoo! BrowserPlus 2.9.8
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 72%
Total physical RAM: 766 MB
Available physical RAM: 210.98 MB
Total Pagefile: 1876.64 MB
Available Pagefile: 1095.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.44 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:298.08 GB) (Free:266.65 GB) NTFS

========================= Users: ========================================

User accounts for \\DONNA-P1H6ZMSNM

Administrator Guest HelpAssistant
Owner SUPPORT_388945a0

========================= Restore Points ==================================

17-07-2012 06:35:03 Software Distribution Service 3.0
18-07-2012 12:29:55 Software Distribution Service 3.0
19-07-2012 06:32:38 Software Distribution Service 3.0
20-07-2012 06:31:59 Software Distribution Service 3.0
21-07-2012 06:32:23 Software Distribution Service 3.0
22-07-2012 06:32:49 Software Distribution Service 3.0
23-07-2012 06:32:49 Software Distribution Service 3.0
24-07-2012 06:33:19 Software Distribution Service 3.0
25-07-2012 06:31:47 Software Distribution Service 3.0
26-07-2012 06:33:12 Software Distribution Service 3.0
27-07-2012 06:32:41 Software Distribution Service 3.0
28-07-2012 06:33:08 Software Distribution Service 3.0
29-07-2012 06:41:26 Software Distribution Service 3.0
29-07-2012 21:06:20 Software Distribution Service 3.0
30-07-2012 06:41:02 Software Distribution Service 3.0
31-07-2012 07:03:26 System Checkpoint
31-07-2012 07:05:12 Software Distribution Service 3.0
31-07-2012 18:11:24 Software Distribution Service 3.0
01-08-2012 07:05:01 Software Distribution Service 3.0
01-08-2012 18:11:25 Software Distribution Service 3.0
02-08-2012 07:04:51 Software Distribution Service 3.0
02-08-2012 18:12:48 Software Distribution Service 3.0
03-08-2012 07:05:07 Software Distribution Service 3.0
04-08-2012 07:04:58 Software Distribution Service 3.0
04-08-2012 18:13:04 Software Distribution Service 3.0
05-08-2012 07:04:54 Software Distribution Service 3.0
05-08-2012 18:11:16 Software Distribution Service 3.0
06-08-2012 07:04:26 Software Distribution Service 3.0
06-08-2012 18:10:33 Software Distribution Service 3.0
07-08-2012 07:04:16 Software Distribution Service 3.0
07-08-2012 18:11:09 Software Distribution Service 3.0
08-08-2012 07:26:31 Software Distribution Service 3.0
08-08-2012 22:36:49 Software Distribution Service 3.0
09-08-2012 07:25:14 Software Distribution Service 3.0
09-08-2012 22:35:39 Software Distribution Service 3.0
10-08-2012 07:26:19 Software Distribution Service 3.0
10-08-2012 22:36:20 Software Distribution Service 3.0
11-08-2012 07:26:05 Software Distribution Service 3.0
11-08-2012 22:36:40 Software Distribution Service 3.0
12-08-2012 07:26:01 Software Distribution Service 3.0
12-08-2012 22:36:21 Software Distribution Service 3.0
13-08-2012 07:25:38 Software Distribution Service 3.0
13-08-2012 22:37:02 Software Distribution Service 3.0
14-08-2012 07:26:00 Software Distribution Service 3.0
14-08-2012 22:37:09 Software Distribution Service 3.0
15-08-2012 07:00:31 Software Distribution Service 3.0
15-08-2012 07:25:16 Software Distribution Service 3.0
16-08-2012 07:26:18 System Checkpoint
16-08-2012 07:30:19 Software Distribution Service 3.0
17-08-2012 08:26:19 System Checkpoint
18-08-2012 07:29:01 Software Distribution Service 3.0
19-08-2012 06:58:31 Software Distribution Service 3.0
20-08-2012 00:19:29 Software Distribution Service 3.0
20-08-2012 06:57:23 Software Distribution Service 3.0
21-08-2012 00:18:53 Software Distribution Service 3.0
21-08-2012 06:57:50 Software Distribution Service 3.0
22-08-2012 00:19:14 Software Distribution Service 3.0
23-08-2012 00:58:33 System Checkpoint
23-08-2012 07:19:25 Software Distribution Service 3.0
23-08-2012 12:08:16 Software Distribution Service 3.0
24-08-2012 07:18:52 Software Distribution Service 3.0
25-08-2012 07:20:33 Software Distribution Service 3.0
26-08-2012 07:20:15 Software Distribution Service 3.0
26-08-2012 12:05:21 Software Distribution Service 3.0
27-08-2012 07:20:34 Software Distribution Service 3.0
28-08-2012 07:19:34 Software Distribution Service 3.0
28-08-2012 12:07:00 Software Distribution Service 3.0
29-08-2012 07:20:27 Software Distribution Service 3.0
29-08-2012 12:06:17 Software Distribution Service 3.0
30-08-2012 07:19:52 Software Distribution Service 3.0
30-08-2012 12:06:16 Software Distribution Service 3.0
31-08-2012 07:20:33 Software Distribution Service 3.0
31-08-2012 12:06:17 Software Distribution Service 3.0
01-09-2012 07:19:29 Software Distribution Service 3.0
01-09-2012 12:06:24 Software Distribution Service 3.0
02-09-2012 12:33:43 Software Distribution Service 3.0
03-09-2012 07:29:16 Software Distribution Service 3.0
03-09-2012 23:39:48 Software Distribution Service 3.0
04-09-2012 07:29:16 Software Distribution Service 3.0
04-09-2012 23:40:24 Software Distribution Service 3.0
05-09-2012 07:29:15 Software Distribution Service 3.0
05-09-2012 23:40:16 Software Distribution Service 3.0
06-09-2012 23:40:32 Software Distribution Service 3.0
07-09-2012 07:29:10 Software Distribution Service 3.0
07-09-2012 23:40:21 Software Distribution Service 3.0
08-09-2012 07:28:43 Software Distribution Service 3.0
08-09-2012 23:39:52 Software Distribution Service 3.0
09-09-2012 07:28:49 Software Distribution Service 3.0
09-09-2012 23:40:00 Software Distribution Service 3.0
10-09-2012 07:28:29 Software Distribution Service 3.0
10-09-2012 23:40:11 Software Distribution Service 3.0
11-09-2012 07:28:09 Software Distribution Service 3.0
11-09-2012 23:40:36 Software Distribution Service 3.0
12-09-2012 23:50:03 System Checkpoint
13-09-2012 07:00:15 Software Distribution Service 3.0
13-09-2012 07:23:52 Software Distribution Service 3.0
13-09-2012 12:44:15 Software Distribution Service 3.0
14-09-2012 07:24:57 Software Distribution Service 3.0
14-09-2012 12:44:27 Software Distribution Service 3.0
15-09-2012 07:24:28 Software Distribution Service 3.0
15-09-2012 12:43:53 Software Distribution Service 3.0
16-09-2012 07:24:33 Software Distribution Service 3.0
16-09-2012 12:43:52 Software Distribution Service 3.0
17-09-2012 07:25:41 Software Distribution Service 3.0
17-09-2012 12:47:21 Software Distribution Service 3.0
18-09-2012 07:23:54 Software Distribution Service 3.0
18-09-2012 12:43:57 Software Distribution Service 3.0
19-09-2012 07:24:24 Software Distribution Service 3.0
20-09-2012 07:25:14 Software Distribution Service 3.0
20-09-2012 12:44:05 Software Distribution Service 3.0
21-09-2012 07:24:32 Software Distribution Service 3.0
21-09-2012 12:44:01 Software Distribution Service 3.0
22-09-2012 07:00:30 Software Distribution Service 3.0
22-09-2012 07:24:48 Software Distribution Service 3.0
23-09-2012 07:09:10 Software Distribution Service 3.0
24-09-2012 07:08:17 Software Distribution Service 3.0
25-09-2012 07:08:48 Software Distribution Service 3.0
26-09-2012 12:21:29 Software Distribution Service 3.0
27-09-2012 12:41:48 Software Distribution Service 3.0
28-09-2012 07:09:06 Software Distribution Service 3.0
29-09-2012 11:34:14 Software Distribution Service 3.0
30-09-2012 07:09:38 Software Distribution Service 3.0
30-09-2012 13:57:23 Software Distribution Service 3.0
01-10-2012 07:08:16 Software Distribution Service 3.0
01-10-2012 13:54:46 Software Distribution Service 3.0
02-10-2012 11:35:08 Software Distribution Service 3.0
02-10-2012 23:08:57 Software Distribution Service 3.0
03-10-2012 23:34:02 System Checkpoint
04-10-2012 07:13:42 Software Distribution Service 3.0
05-10-2012 13:22:49 Software Distribution Service 3.0
06-10-2012 14:15:09 Software Distribution Service 3.0
06-10-2012 20:18:50 Restore Operation
06-10-2012 20:30:09 Software Distribution Service 3.0
07-10-2012 11:46:45 Software Distribution Service 3.0
08-10-2012 07:08:11 Software Distribution Service 3.0
08-10-2012 12:23:03 Software Distribution Service 3.0
09-10-2012 13:02:13 System Checkpoint
09-10-2012 21:10:43 Software Distribution Service 3.0
10-10-2012 07:08:27 Software Distribution Service 3.0
10-10-2012 21:01:30 Software Distribution Service 3.0
11-10-2012 11:51:22 Software Distribution Service 3.0
12-10-2012 06:38:36 Software Distribution Service 3.0
12-10-2012 12:25:15 Software Distribution Service 3.0
13-10-2012 17:34:36 Software Distribution Service 3.0
14-10-2012 06:46:16 Software Distribution Service 3.0
14-10-2012 19:55:23 Software Distribution Service 3.0

**** End of log ****

#10 sceniccityred

Posted 14 October 2012 - 08:07 PM

Farbar Log:
Farbar Service Scanner Version: 07-10-2012
Ran by Owner (administrator) on 14-10-2012 at 21:07:13
Running from "C:\Documents and Settings\Owner\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****

#11 sceniccityred

Posted 14 October 2012 - 08:13 PM

Adware Cleaner Log:
# AdwCleaner v2.005 - Logfile created 10/14/2012 at 21:08:53
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - DONNA-P1H6ZMSNM
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0

***** [Registry] *****

Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\I Want This
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\I Want This
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1923 octets] - [14/10/2012 21:08:53]

########## EOF - C:\AdwCleaner[S1].txt - [1983 octets] ##########

#12 sceniccityred

Posted 14 October 2012 - 08:30 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.6.0 (10.14.2012)
OS: Microsoft Windows XP x86
Ran by Owner on Sun 10/14/2012 at 21:14:21.50
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files:

Successfully deleted: [FILE] C:\Program Files\coupons\Coupons.ico
Successfully deleted: [FILE] C:\Program Files\coupons\CouponsDotCom.url
Successfully deleted: [FILE] C:\Program Files\coupons\uninstall.exe



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files\coupons"



*** Event Viewer Logs - NOT cleared





**************************************************************
Scan was completed on Sun 10/14/2012 at 21:26:01.31
End of Report

#13 narenxp

Posted 15 October 2012 - 12:25 AM

Remove the infections detected by Malwarebytes, run a scan again and post the clean log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on File - Save

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#14 sceniccityred

Posted 15 October 2012 - 12:43 AM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/15/2012 01:40:44 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\LEXBCES.EXE (PID: 1456) [WD-HEUR]
* C:\WINDOWS\system32\LEXPPS.EXE (PID: 1488) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/15/2012 01:41:40 AM
Execution time: 0 hours(s), 0 minute(s), and 56 seconds(s)

#15 sceniccityred

Posted 15 October 2012 - 12:49 AM

Autoruns log:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "BCMSMMSG" "Modem Messaging Applet" "Broadcom Corporation" "c:\windows\bcmsmmsg.exe"
+ "EKIJ5000StatusMonitor" "Status Monitor for KODAK AiO Printer (32-Bit Intel® Pentium™ 4 Optimized Build)" "Eastman Kodak Company" "c:\windows\system32\spool\drivers\w32x86\3\ekij5000mui.exe"
+ "googletalk" "Google Talk" "Google" "c:\program files\google\google talk\googletalk.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Microsoft Works Portfolio" "Microsoft® Works PortFolio" "Microsoft® Corporation" "c:\program files\microsoft works\wkssb.exe"
+ "Microsoft Works Update Detection" "Microsoft® Works Update Detection" "Microsoft® Corporation" "c:\program files\common files\microsoft shared\works shared\wkufind.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\real\realplayer\update\realsched.exe"
+ "WorksFUD" "Microsoft® Works Marketing Feature" "Microsoft® Corporation" "c:\program files\microsoft works\wkfud.exe"
+ "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" "Gmail Notifier" "Google Inc." "c:\program files\google\gmail notifier\gnotify.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "Microsoft Office.lnk" "Microsoft Office XP component" "Microsoft Corporation" "c:\program files\microsoft office\office10\osa.exe"
+ "Microsoft Works Calendar Reminders.lnk" "Microsoft® Works Calendar Reminder Service" "Microsoft® Corporation" "c:\program files\common files\microsoft shared\works shared\wkcalrem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\documents and settings\owner\local settings\application data\google\update\googleupdate.exe"
+ "InstallIQUpdater" "InstallIQ Updater" "W3i, LLC" "c:\program files\w3i\installiqupdater\installiqupdater.exe"
+ "MSMSGS" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google IE Client Toolbar" "Google Inc." "c:\program files\google\googletoolbar1.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&Google" "Google IE Client Toolbar" "Google Inc." "c:\program files\google\googletoolbar1.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Ad-Aware Update (Weekly).job" "" "" "File not found: C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent"
+ "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "EasyShare Registration Task.job" "" "" "File not found: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.8.50.2.sxt"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-1844237615-1229272821-725345543-1003Core.job" "Google Installer" "Google Inc." "c:\documents and settings\owner\local settings\application data\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-1844237615-1229272821-725345543-1003UA.job" "Google Installer" "Google Inc." "c:\documents and settings\owner\local settings\application data\google\update\googleupdate.exe"
+ "Microsoft Antimalware Scheduled Scan.job" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "RealUpgradeLogonTaskS-1-5-21-1844237615-1229272821-725345543-1003.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-1844237615-1229272821-725345543-1003.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "ReclaimerUpdateFiles_Owner.job" "RealNetworks Installer" "RealNetworks, Inc." "c:\documents and settings\owner\application data\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe"
+ "ReclaimerUpdateXML_Owner.job" "RealNetworks Installer" "RealNetworks, Inc." "c:\documents and settings\owner\application data\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe"
+ "RNUpgradeHelperLogonPrompt_Owner.job" "RealNetworks Installer" "RealNetworks, Inc." "c:\documents and settings\owner\application data\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Bonjour Service" "Bonjour allows applications like iTunes and Safari to advertise and discover services on the local network. Having Bonjour running enables you to connect to hardware devices like Apple TV and software services like iTunes sharing and AirTunes. If you disable Bonjour, any network service that explicitly depends on it will fail to start." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "gupdate1cabbc8d86f3320" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "Kodak AiO Network Discovery Service" "Kodak mDNS Network Discovery Service" "Eastman Kodak Company" "c:\program files\kodak\aio\center\ekaiohostservice.exe"
+ "Kodak AiO Status Monitor Service" "Kodak Status Monitor SDK Service" "Eastman Kodak Company" "c:\program files\kodak\aio\statusmonitor\ekprintersdk.exe"
+ "LexBceS" "LexBce Service" "Lexmark International, Inc." "c:\windows\system32\lexbces.exe"
+ "LVSrvLauncher" "Launcher for Logitech Video Components." "Logitech Inc." "c:\program files\common files\logishrd\srvlnch\srvlnch.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "aeaudio" "Andrea Audio Stub Driver" "Andrea Electronics Corporation" "c:\windows\system32\drivers\aeaudio.sys"
+ "Aspi32" "ASPI for WIN32 Kernel Driver" "Adaptec" "c:\windows\system32\drivers\aspi32.sys"
+ "bcm4sbxp" "Broadcom Corporation NDIS 5.1 ethernet driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm4sbxp.sys"
+ "BCMModem" "Modem Device Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmsm.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "ialm" "Controller Hub for Intel Graphics Driver" "Intel Corporation" "c:\windows\system32\drivers\ialmnt5.sys"
+ "Lbd" "Ad-Aware mini-filter driver" "" "File not found: system32\DRIVERS\Lbd.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "LVcKap" "Logitech Kernel Audio Processing Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvckap.sys"
+ "LVMVDrv" "Logitech Machine Vision Engine Loader" "Logitech Inc." "c:\windows\system32\drivers\lvmvdrv.sys"
+ "LVUSBSta" "" "" "File not found: system32\drivers\LVUSBSta.sys"
+ "MCSTRM" "" "" "File not found: C:\WINDOWS\System32\Drivers\MCSTRM.sys"
+ "OMCI" "OMCI Device Driver" "Dell Computer Corporation" "c:\windows\system32\drivers\omci.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "pepifilter" "" "" "File not found: system32\DRIVERS\lv302af.sys"
+ "PID_PEPI" "" "" "File not found: system32\DRIVERS\LV302V32.SYS"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "smwdm" "SoundMAX Integrated Digital Audio " "Analog Devices, Inc." "c:\windows\system32\drivers\smwdm.sys"
+ "SONYPVU1" "Sony USB Lower Filter driver" "Sony Corporation" "c:\windows\system32\drivers\sonypvu1.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "{6080A529-897E-4629-A488-ABA0C29B635E}" "Intel Graphics Platform (SoftBIOS) Driver for Windows 2000® & Windows XP™" "Intel Corporation" "c:\windows\system32\drivers\ialmsbw.sys"
+ "{D31A0762-0CEB-444e-ACFF-B049A1F6FE91}" "Intel Graphics Chipset (KCH) Driver for Windows 2000® & Windows XP™" "Intel Corporation" "c:\windows\system32\drivers\ialmkchw.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.I420" "" "" "File not found: lvcodec2.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel Indeo® video IVF Source Filter 5.10" "Intel Corporation" "c:\windows\system32\ivfsrc.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxsrvc Module" "Intel Corporation" "c:\windows\system32\igfxsrvc.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Dell Network Port" "LEXLMPM DLL" "Lexmark International, Inc." "c:\windows\system32\lexlmpm.dll"
+ "KODAK EASYSHARE All-in-One Printer" "Language Monitor for KODAK AiO Printer (32-Bit Intel® Pentium™ 4 Optimized Build)" "Eastman Kodak Company" "c:\windows\system32\ekij5000mon.dll"



