
Pop up attempt to redirect to ib.adnxs.com


9 replies to this topic

#1 jeffn1


Posted 19 October 2012 - 01:49 PM

Hello,

When I attempt to go to certain sites (like this one) I get a message that my AVG anti-virus caught an attempt to direct to ib.adnxs.com.

It seems this is known malware acting up. So, I guess I am looking for help making sure this is cleaned up, fixing registry files, etc.

Thank you for your help.

Jeff



#2 narenxp

  • BC Advisor

Posted 19 October 2012 - 01:52 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 jeffn1

  • Topic Starter

Posted 19 October 2012 - 02:11 PM

Thanks so much for the quick response. I finished the first two. With the ESET it had a box checked off to remove found threats. Should I keep that checked?






#4 narenxp

  • BC Advisor

Posted 19 October 2012 - 02:42 PM

YES

#5 jeffn1

  • Topic Starter

Posted 19 October 2012 - 03:01 PM

Thanks, 1st here is the TDS Killer Log:
15:01:52.0961 0564 RSVP - ok
15:01:52.0991 0564 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
15:01:52.0991 0564 SamSs - ok
15:01:53.0021 0564 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:01:53.0031 0564 SCardSvr - ok
15:01:53.0061 0564 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:01:53.0071 0564 Schedule - ok
15:01:53.0112 0564 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:01:53.0112 0564 Secdrv - ok
15:01:53.0142 0564 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:01:53.0142 0564 seclogon - ok
15:01:53.0162 0564 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
15:01:53.0162 0564 SENS - ok
15:01:53.0182 0564 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
15:01:53.0182 0564 Serial - ok
15:01:53.0212 0564 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:01:53.0212 0564 Sfloppy - ok
15:01:53.0272 0564 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:01:53.0282 0564 SharedAccess - ok
15:01:53.0302 0564 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:01:53.0302 0564 ShellHWDetection - ok
15:01:53.0312 0564 Simbad - ok
15:01:53.0322 0564 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
15:01:53.0322 0564 sisagp - ok
15:01:53.0362 0564 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
15:01:53.0362 0564 Sparrow - ok
15:01:53.0412 0564 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:01:53.0412 0564 splitter - ok
15:01:53.0462 0564 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:01:53.0472 0564 Spooler - ok
15:01:53.0532 0564 [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe
15:01:53.0532 0564 sprtsvc_DellSupportCenter - ok
15:01:53.0592 0564 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:01:53.0592 0564 sr - ok
15:01:53.0652 0564 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
15:01:53.0652 0564 srservice - ok
15:01:53.0712 0564 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:01:53.0722 0564 Srv - ok
15:01:53.0762 0564 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:01:53.0762 0564 SSDPSRV - ok
15:01:53.0823 0564 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:01:53.0833 0564 stisvc - ok
15:01:53.0883 0564 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
15:01:53.0883 0564 stllssvr - ok
15:01:53.0943 0564 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:01:53.0943 0564 swenum - ok
15:01:53.0993 0564 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:01:53.0993 0564 swmidi - ok
15:01:54.0003 0564 SwPrv - ok
15:01:54.0033 0564 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
15:01:54.0033 0564 symc810 - ok
15:01:54.0063 0564 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
15:01:54.0063 0564 symc8xx - ok
15:01:54.0073 0564 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
15:01:54.0073 0564 sym_hi - ok
15:01:54.0083 0564 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
15:01:54.0083 0564 sym_u3 - ok
15:01:54.0123 0564 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:01:54.0123 0564 sysaudio - ok
15:01:54.0173 0564 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:01:54.0173 0564 SysmonLog - ok
15:01:54.0203 0564 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:01:54.0213 0564 TapiSrv - ok
15:01:54.0233 0564 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:01:54.0243 0564 Tcpip - ok
15:01:54.0273 0564 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:01:54.0283 0564 TDPIPE - ok
15:01:54.0283 0564 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:01:54.0293 0564 TDTCP - ok
15:01:54.0323 0564 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:01:54.0323 0564 TermDD - ok
15:01:54.0353 0564 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
15:01:54.0353 0564 TermService - ok
15:01:54.0373 0564 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
15:01:54.0383 0564 Themes - ok
15:01:54.0413 0564 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
15:01:54.0413 0564 TosIde - ok
15:01:54.0453 0564 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:01:54.0453 0564 TrkWks - ok
15:01:54.0493 0564 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:01:54.0493 0564 Udfs - ok
15:01:54.0524 0564 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
15:01:54.0524 0564 ultra - ok
15:01:54.0564 0564 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:01:54.0574 0564 Update - ok
15:01:54.0604 0564 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:01:54.0614 0564 upnphost - ok
15:01:54.0634 0564 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
15:01:54.0644 0564 UPS - ok
15:01:54.0674 0564 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:01:54.0674 0564 usbccgp - ok
15:01:54.0714 0564 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:01:54.0714 0564 usbehci - ok
15:01:54.0724 0564 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:01:54.0724 0564 usbhub - ok
15:01:54.0784 0564 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:01:54.0784 0564 usbohci - ok
15:01:54.0844 0564 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:01:54.0844 0564 usbprint - ok
15:01:55.0134 0564 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:01:55.0134 0564 usbscan - ok
15:01:55.0184 0564 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:01:55.0184 0564 USBSTOR - ok
15:01:55.0215 0564 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:01:55.0215 0564 usbuhci - ok
15:01:55.0235 0564 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:01:55.0235 0564 VgaSave - ok
15:01:55.0275 0564 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
15:01:55.0275 0564 viaagp - ok
15:01:55.0285 0564 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
15:01:55.0285 0564 ViaIde - ok
15:01:55.0325 0564 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:01:55.0325 0564 VolSnap - ok
15:01:55.0365 0564 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
15:01:55.0375 0564 VSS - ok
15:01:55.0475 0564 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
15:01:55.0485 0564 vToolbarUpdater12.2.6 - ok
15:01:55.0525 0564 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
15:01:55.0525 0564 w32time - ok
15:01:55.0575 0564 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:01:55.0575 0564 Wanarp - ok
15:01:55.0575 0564 WDICA - ok
15:01:55.0595 0564 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:01:55.0595 0564 wdmaud - ok
15:01:55.0615 0564 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:01:55.0615 0564 WebClient - ok
15:01:55.0725 0564 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:01:55.0725 0564 winmgmt - ok
15:01:55.0775 0564 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
15:01:55.0775 0564 WmdmPmSN - ok
15:01:55.0795 0564 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:01:55.0805 0564 WmiApSrv - ok
15:01:55.0875 0564 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
15:01:55.0896 0564 WMPNetworkSvc - ok
15:01:55.0946 0564 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:01:55.0946 0564 wscsvc - ok
15:01:55.0956 0564 WSearch - ok
15:01:55.0996 0564 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:01:55.0996 0564 wuauserv - ok
15:01:56.0036 0564 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:01:56.0036 0564 WudfPf - ok
15:01:56.0066 0564 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:01:56.0066 0564 WudfRd - ok
15:01:56.0086 0564 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:01:56.0096 0564 WudfSvc - ok
15:01:56.0136 0564 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:01:56.0166 0564 WZCSVC - ok
15:01:56.0206 0564 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:01:56.0206 0564 xmlprov - ok
15:01:56.0226 0564 ================ Scan global ===============================
15:01:56.0276 0564 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:01:56.0326 0564 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:01:56.0346 0564 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:01:56.0376 0564 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
15:01:56.0376 0564 [Global] - ok
15:01:56.0386 0564 ================ Scan MBR ==================================
15:01:56.0406 0564 [ 27A9FC7708F39487D61506A5245BF3D8 ] \Device\Harddisk0\DR0
15:01:56.0697 0564 \Device\Harddisk0\DR0 - ok
15:01:56.0707 0564 ================ Scan VBR ==================================
15:01:56.0707 0564 [ 39B098BA6697B529190DF2D4E482AAFA ] \Device\Harddisk0\DR0\Partition1
15:01:56.0707 0564 \Device\Harddisk0\DR0\Partition1 - ok
15:01:56.0707 0564 ============================================================
15:01:56.0707 0564 Scan finished
15:01:56.0707 0564 ============================================================
15:01:56.0727 3068 Detected object count: 0
15:01:56.0727 3068 Actual detected object count: 0
15:03:53.0384 2824 Deinitialize success



Here is the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-19 15:04:18
-----------------------------
15:04:18.160 OS Version: Windows 5.1.2600 Service Pack 3
15:04:18.160 Number of processors: 1 586 0x7F02
15:04:18.160 ComputerName: JEFFREY UserName:
15:04:18.831 Initialize success
15:08:17.474 AVAST engine defs: 12101900
15:08:56.530 The log file has been saved successfully to "C:\aswMBR.txt"

Here is the ESET list of found threats:

C:\Program Files\registrybooster\cbbleepingregistrybooster.exe Win32/RegistryBooster application

#6 jeffn1

jeffn1
  • Topic Starter

  • Members
  • 4 posts

Posted 19 October 2012 - 03:56 PM

Quick update for you.

I ran ESET and had it remove threats (after I got your confirmation). (By the way, I did not have it do the archive scan; I was not sure whether to do it.)

I was hoping the pop-ups would stop, but no such luck yet. It seems site-dependent, even though the websites are definitely legit, like Cakewalk's website (they make digital audio software).

Thanks again for the help.

Jeff

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 19 October 2012 - 04:47 PM

ASWMBR log is incomplete

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan gets completed, post the generated log here.

#8 bill_1001

bill_1001

  • Members
  • 13 posts

Posted 19 October 2012 - 06:09 PM

I've had the same problem since this morning (Oct 19, 2012). I was about to ask for help on the same issue but found this:

http://forums.avg.com/us-en/avg-forums?sec=thread&act=show&id=218830&page=4&type=0

I just updated my AVG database, and so far, AVG's warnings have stopped.

#9 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • Gender:Male
  • Location:USA

Posted 19 October 2012 - 06:13 PM

^ Nice one :thumbup2:

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 19 October 2012 - 06:33 PM

Thanks for sharing :thumbsup:



