Virus protection(s) show no infection


17 replies to this topic

#1 dadummy


Posted 21 October 2012 - 09:32 PM

Hello there,

I have tried McAfee, Malwarebytes, Glary Utilities, Microsoft Windows Malicious Software Removal Tool, along with Rkill. AV software says no infections. Problem I am having is homepage was redirected to Babylon.com. Reading on the virus, it hides itself from virus protection? The computer is running slow and changing the web page adds to computer enhancement links.
I am running Windows XP.

Any info on this would be appreciated.

Thanks



#2 narenxp

  • BC Advisor

Posted 21 October 2012 - 11:45 PM

Download TDSSKiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 dadummy


Posted 22 October 2012 - 05:07 AM

23:05:17.0893 8268 SamSs - ok
23:05:17.0925 8268 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:05:17.0925 8268 SCardSvr - ok
23:05:17.0972 8268 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:05:17.0987 8268 Schedule - ok
23:05:18.0018 8268 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:05:18.0018 8268 Secdrv - ok
23:05:18.0050 8268 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
23:05:18.0065 8268 seclogon - ok
23:05:18.0065 8268 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
23:05:18.0065 8268 SENS - ok
23:05:18.0081 8268 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
23:05:18.0081 8268 Serial - ok
23:05:18.0143 8268 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:05:18.0143 8268 Sfloppy - ok
23:05:18.0222 8268 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:05:18.0237 8268 SharedAccess - ok
23:05:18.0253 8268 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:05:18.0253 8268 ShellHWDetection - ok
23:05:18.0253 8268 Simbad - ok
23:05:18.0268 8268 Sparrow - ok
23:05:18.0331 8268 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:05:18.0331 8268 splitter - ok
23:05:18.0393 8268 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:05:18.0393 8268 Spooler - ok
23:05:18.0409 8268 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:05:18.0409 8268 sr - ok
23:05:18.0425 8268 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
23:05:18.0425 8268 srservice - ok
23:05:18.0503 8268 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:05:18.0503 8268 Srv - ok
23:05:18.0565 8268 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:05:18.0581 8268 SSDPSRV - ok
23:05:18.0659 8268 [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
23:05:18.0690 8268 STHDA - ok
23:05:18.0800 8268 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:05:18.0831 8268 stisvc - ok
23:05:18.0878 8268 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:05:18.0893 8268 swenum - ok
23:05:18.0940 8268 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:05:18.0956 8268 swmidi - ok
23:05:18.0956 8268 SwPrv - ok
23:05:18.0972 8268 symc810 - ok
23:05:18.0972 8268 symc8xx - ok
23:05:18.0972 8268 sym_hi - ok
23:05:18.0987 8268 sym_u3 - ok
23:05:19.0018 8268 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:05:19.0034 8268 sysaudio - ok
23:05:19.0065 8268 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:05:19.0065 8268 SysmonLog - ok
23:05:19.0097 8268 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:05:19.0112 8268 TapiSrv - ok
23:05:19.0175 8268 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:05:19.0190 8268 Tcpip - ok
23:05:19.0237 8268 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:05:19.0237 8268 TDPIPE - ok
23:05:19.0253 8268 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:05:19.0253 8268 TDTCP - ok
23:05:19.0284 8268 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:05:19.0284 8268 TermDD - ok
23:05:19.0347 8268 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
23:05:19.0362 8268 TermService - ok
23:05:19.0378 8268 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
23:05:19.0378 8268 Themes - ok
23:05:19.0425 8268 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
23:05:19.0425 8268 TlntSvr - ok
23:05:19.0440 8268 TosIde - ok
23:05:19.0472 8268 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:05:19.0472 8268 TrkWks - ok
23:05:19.0518 8268 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:05:19.0534 8268 Udfs - ok
23:05:19.0550 8268 ultra - ok
23:05:19.0659 8268 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:05:19.0659 8268 Update - ok
23:05:19.0706 8268 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:05:19.0706 8268 upnphost - ok
23:05:19.0722 8268 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
23:05:19.0722 8268 UPS - ok
23:05:19.0753 8268 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
23:05:19.0753 8268 USBAAPL - ok
23:05:19.0768 8268 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:05:19.0768 8268 usbccgp - ok
23:05:19.0815 8268 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:05:19.0815 8268 usbehci - ok
23:05:19.0831 8268 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:05:19.0831 8268 usbhub - ok
23:05:19.0909 8268 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:05:19.0909 8268 USBSTOR - ok
23:05:19.0972 8268 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:05:19.0972 8268 usbuhci - ok
23:05:19.0972 8268 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:05:19.0972 8268 VgaSave - ok
23:05:19.0987 8268 ViaIde - ok
23:05:20.0003 8268 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:05:20.0003 8268 VolSnap - ok
23:05:20.0050 8268 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
23:05:20.0065 8268 VSS - ok
23:05:20.0097 8268 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
23:05:20.0097 8268 W32Time - ok
23:05:20.0159 8268 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:05:20.0175 8268 Wanarp - ok
23:05:20.0222 8268 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
23:05:20.0222 8268 WDC_SAM - ok
23:05:20.0237 8268 WDICA - ok
23:05:20.0253 8268 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:05:20.0253 8268 wdmaud - ok
23:05:20.0315 8268 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:05:20.0315 8268 WebClient - ok
23:05:20.0393 8268 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
23:05:20.0425 8268 winachsf - ok
23:05:20.0534 8268 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:05:20.0534 8268 winmgmt - ok
23:05:20.0659 8268 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:05:20.0659 8268 WmdmPmSN - ok
23:05:20.0706 8268 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
23:05:20.0722 8268 Wmi - ok
23:05:20.0768 8268 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:05:20.0768 8268 WmiApSrv - ok
23:05:20.0878 8268 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
23:05:20.0909 8268 WMPNetworkSvc - ok
23:05:20.0956 8268 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
23:05:20.0956 8268 wscsvc - ok
23:05:20.0972 8268 WSearch - ok
23:05:20.0987 8268 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
23:05:20.0987 8268 wuauserv - ok
23:05:21.0018 8268 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:05:21.0034 8268 WudfPf - ok
23:05:21.0050 8268 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:05:21.0050 8268 WudfRd - ok
23:05:21.0065 8268 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
23:05:21.0065 8268 WudfSvc - ok
23:05:21.0112 8268 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:05:21.0143 8268 WZCSVC - ok
23:05:21.0175 8268 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:05:21.0175 8268 xmlprov - ok
23:05:21.0253 8268 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
23:05:21.0268 8268 YahooAUService - ok
23:05:21.0284 8268 ================ Scan global ===============================
23:05:21.0347 8268 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:05:21.0409 8268 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:05:21.0425 8268 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:05:21.0440 8268 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:05:21.0440 8268 [Global] - ok
23:05:21.0440 8268 ================ Scan MBR ==================================
23:05:21.0472 8268 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:05:21.0831 8268 \Device\Harddisk0\DR0 - ok
23:05:21.0831 8268 ================ Scan VBR ==================================
23:05:21.0831 8268 [ 48B439252C46516CDA113A374D058112 ] \Device\Harddisk0\DR0\Partition1
23:05:21.0831 8268 \Device\Harddisk0\DR0\Partition1 - ok
23:05:21.0831 8268 ============================================================
23:05:21.0831 8268 Scan finished
23:05:21.0831 8268 ============================================================
23:05:21.0847 6612 Detected object count: 0
23:05:21.0847 6612 Actual detected object count: 0
23:06:05.0081 10080 Deinitialize success

#4 dadummy


Posted 22 October 2012 - 05:12 AM

Was messing around last night from other threads, ran the ESET before the aswMBR, which is running now.
Hope that's OK, and thanks for your help.


ESET results
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Program Files\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined

#5 dadummy


Posted 22 October 2012 - 05:20 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-22 05:55:15
-----------------------------
05:55:15.972 OS Version: Windows 5.1.2600 Service Pack 3
05:55:15.972 Number of processors: 2 586 0x407
05:55:15.972 ComputerName: USER-01F5CBE7F4 UserName: user
05:55:17.018 Initialize success
06:03:57.940 AVAST engine defs: 12102200
06:04:50.362 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
06:04:50.362 Disk 0 Vendor: WDC_WD2500JS-75NCB3 10.02E04 Size: 238418MB BusType: 3
06:04:50.393 Disk 0 MBR read successfully
06:04:50.393 Disk 0 MBR scan
06:04:50.472 Disk 0 Windows XP default MBR code
06:04:50.472 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238409 MB offset 63
06:04:50.472 Disk 0 scanning sectors +488263545
06:04:50.565 Disk 0 scanning C:\WINDOWS\system32\drivers
06:05:04.190 Service scanning
06:05:28.909 Modules scanning
06:05:37.378 Disk 0 trace - called modules:
06:05:37.393 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
06:05:37.393 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aa94ab8]
06:05:37.393 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8aac2d98]
06:05:38.940 AVAST engine scan C:\WINDOWS
06:05:56.690 AVAST engine scan C:\WINDOWS\system32
06:10:01.690 AVAST engine scan C:\WINDOWS\system32\drivers
06:10:26.737 AVAST engine scan C:\Documents and Settings\user
06:21:58.987 AVAST engine scan C:\Documents and Settings\All Users
06:23:27.800 Scan finished successfully
18:22:00.968 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\user\Desktop\MBR.dat"
18:22:01.000 The log file has been saved successfully to "C:\Documents and Settings\user\Desktop\asw.txt"

#6 narenxp


Posted 22 October 2012 - 06:52 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#7 dadummy


Posted 22 October 2012 - 10:35 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.20.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
user :: USER-01F5CBE7F4 [administrator]

10/22/2012 10:10:06 PM
mbam-log-2012-10-22 (22-10-06).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 299536
Time elapsed: 1 hour(s), 22 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 dadummy


Posted 22 October 2012 - 10:45 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by user (administrator) on 22-10-2012 at 23:35:55
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 14997 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

NETGEAR WNA1100 N150 Wireless USB Adapter = Wireless Network Connection 2 (Connected)
Intel® PRO/1000 PL Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : user-01f5cbe7f4

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Wireless Network Connection 2:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : NETGEAR WNA1100 N150 Wireless USB Adapter

Physical Address. . . . . . . . . : 4C-60-DE-72-09-53

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.65

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Monday, October 22, 2012 10:03:24 PM

Lease Expires . . . . . . . . . . : Tuesday, October 23, 2012 10:03:24 PM

Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 173.194.37.2, 173.194.37.3, 173.194.37.4, 173.194.37.5
173.194.37.6, 173.194.37.7, 173.194.37.8, 173.194.37.9, 173.194.37.14
173.194.37.0, 173.194.37.1



Pinging google.com [173.194.37.3] with 32 bytes of data:



Reply from 173.194.37.3: bytes=32 time=37ms TTL=49

Reply from 173.194.37.3: bytes=32 time=36ms TTL=49



Ping statistics for 173.194.37.3:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 36ms, Maximum = 37ms, Average = 36ms

Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=126ms TTL=41

Reply from 98.138.253.109: bytes=32 time=104ms TTL=41



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 104ms, Maximum = 126ms, Average = 115ms

Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...4c 60 de 72 09 53 ...... NETGEAR WNA1100 N150 Wireless USB Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.65 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.65 192.168.1.65 25
192.168.1.65 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.65 192.168.1.65 25
224.0.0.0 240.0.0.0 192.168.1.65 192.168.1.65 25
255.255.255.255 255.255.255.255 192.168.1.65 192.168.1.65 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/22/2012 11:36:25 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.62.0.140, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/21/2012 10:14:10 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/21/2012 10:14:09 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/21/2012 09:45:19 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/21/2012 09:29:25 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/21/2012 08:29:06 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/21/2012 08:25:46 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/21/2012 02:27:26 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/21/2012 02:25:34 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/21/2012 11:35:09 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.1.522.00x80508018scheduledscancmainwindow__onautoscancomplete0security essentialsNILNILNIL


System errors:
=============
Error: (10/22/2012 10:03:39 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (10/22/2012 10:03:39 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (10/14/2012 08:29:14 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 13 minutes.
NtpClient has no source of accurate time.

Error: (10/14/2012 08:29:14 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (10/14/2012 08:28:11 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (10/14/2012 08:28:11 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (10/14/2012 02:21:05 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (10/14/2012 02:21:05 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (10/06/2012 05:52:36 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register with DCOM within the required timeout.

Error: (10/06/2012 05:50:21 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.


Microsoft Office Sessions:
=========================
Error: (10/22/2012 11:36:25 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.140hungapp0.0.0.000000000

Error: (10/21/2012 10:14:10 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/21/2012 10:14:09 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/21/2012 09:45:19 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/21/2012 09:29:25 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/21/2012 08:29:06 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/21/2012 08:25:46 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/21/2012 02:27:26 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/21/2012 02:25:34 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/21/2012 11:35:09 AM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientmsseces.exe4.1.522.00x80508018scheduledscancmainwindow__onautoscancomplete0security essentialsNILNILNIL


=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
AddLyrics
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
AT&T Portal
ATI - Software Uninstall Utility (Version: 6.14.10.1014)
ATI Control Panel (Version: 6.14.10.5183)
ATI Display Driver (Version: 8.23-060209a1-030546C-Dell)
att.net Toolbar
Blue Coat K9 Web Protection 4.2.123 (Version: 4.2.123)
Combined Community Codec Pack 2008-09-21 16:18 (Version: 2008.09.21.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant D850 56K V.9x DFVc Modem
Dell Driver Download Manager (Version: 2.1.0.0)
Doxillion Document Converter
ESET Online Scanner v3
Glary Utilities 2.39.0.1310 (Version: 2.39.0.1310)
Google Chrome (Version: 22.0.1229.94)
Google Earth (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Grandmaster Challenge (Version: 1)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HP LaserJet Professional P1100-P1560-P1600 Series
Intel® PRO Network Connections Drivers
InterVideo WinDVD 4
iTunes (Version: 10.4.1.10)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee SecurityCenter (Version: 11.0.678)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 97, Professional Edition
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Nero 7 Premium (Version: 7.02.9753)
neroxml (Version: 1.0.0)
Otto
QuickTime (Version: 7.70.80.34)
SigmaTel Audio (Version: 5.10.4600.0)
Sonic Encoders (Version: 1.00)
Sonic RecordNow! (Version: 6.5.0)
Sonic Update Manager (Version: 2.80)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Star Wars Battlefront II (Version: 1.0)
Star Wars Republic Commando (Version: 1.0)
Switch Sound File Converter
swMSM (Version: 12.0.0.1)
Tony Hawks Pro Skater 4 Demo (Version: 1.00.0000)
Trader's Little Helper 2.7.0 (Version: 2.7.0)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebFldrs XP (Version: 9.50.7523)
Winamp (Version: 5.622 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
Yahoo! Software Update
Yontoo 1.10.02 (Version: 1.10.02)

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 2046.09 MB
Available physical RAM: 1429.11 MB
Total Pagefile: 5984.57 MB
Available Pagefile: 5284.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.74 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.82 GB) (Free:201.02 GB) NTFS
2 Drive d: (061022_2151) (CDROM) (Total:0.57 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\USER-01F5CBE7F4

Administrator ASPNET Guest
HelpAssistant SUPPORT_388945a0 user

========================= Restore Points ==================================

24-07-2012 15:30:45 System Checkpoint
25-07-2012 20:44:46 System Checkpoint
26-07-2012 21:29:50 System Checkpoint
27-07-2012 22:15:07 System Checkpoint
28-07-2012 23:29:53 System Checkpoint
29-07-2012 23:37:32 System Checkpoint
30-07-2012 23:57:01 System Checkpoint
01-08-2012 00:51:52 System Checkpoint
02-08-2012 01:49:49 System Checkpoint
03-08-2012 02:31:21 System Checkpoint
04-08-2012 03:38:43 System Checkpoint
05-08-2012 04:16:04 System Checkpoint
06-08-2012 04:58:03 System Checkpoint
07-08-2012 05:54:32 System Checkpoint
08-08-2012 06:28:51 System Checkpoint
09-08-2012 07:25:58 System Checkpoint
10-08-2012 07:58:47 System Checkpoint
11-08-2012 08:52:50 System Checkpoint
11-08-2012 17:35:38 Installed NETGEAR WNA1100 wireless USB 2.0 driver
11-08-2012 20:18:16 Installed Windows Internet Explorer 8.
11-08-2012 20:19:36 Software Distribution Service 3.0
12-08-2012 07:00:19 Software Distribution Service 3.0
13-08-2012 07:54:11 System Checkpoint
14-08-2012 09:26:21 System Checkpoint
15-08-2012 09:45:50 System Checkpoint
16-08-2012 07:00:19 Software Distribution Service 3.0
17-08-2012 07:24:07 System Checkpoint
18-08-2012 10:36:26 System Checkpoint
19-08-2012 12:53:24 System Checkpoint
20-08-2012 00:04:21 Printer Driver HP LaserJet Professional P1102w Installed
20-08-2012 00:04:31 Printer Driver HP LaserJet Professional P1102w Installed
21-08-2012 00:06:05 System Checkpoint
22-08-2012 01:01:43 System Checkpoint
23-08-2012 02:11:29 System Checkpoint
24-08-2012 02:50:35 System Checkpoint
25-08-2012 03:26:51 System Checkpoint
26-08-2012 04:21:24 System Checkpoint
27-08-2012 15:47:35 System Checkpoint
28-08-2012 16:14:55 System Checkpoint
29-08-2012 17:10:15 System Checkpoint
30-08-2012 17:55:01 System Checkpoint
31-08-2012 18:48:44 System Checkpoint
01-09-2012 19:44:22 System Checkpoint
02-09-2012 20:40:24 System Checkpoint
03-09-2012 21:37:09 System Checkpoint
04-09-2012 22:32:44 System Checkpoint
05-09-2012 22:43:02 System Checkpoint
06-09-2012 23:28:34 System Checkpoint
07-09-2012 23:33:04 System Checkpoint
09-09-2012 00:27:49 System Checkpoint
10-09-2012 01:13:46 System Checkpoint
11-09-2012 02:18:50 System Checkpoint
12-09-2012 03:04:17 System Checkpoint
12-09-2012 07:00:16 Software Distribution Service 3.0
13-09-2012 02:15:18 Removed Java™ 6 Update 33
13-09-2012 02:18:08 Installed Java 7 Update 7
14-09-2012 03:23:17 System Checkpoint
15-09-2012 03:34:54 System Checkpoint
16-09-2012 04:30:03 System Checkpoint
17-09-2012 05:26:48 System Checkpoint
17-09-2012 07:00:14 Software Distribution Service 3.0
18-09-2012 07:24:31 System Checkpoint
19-09-2012 08:20:43 System Checkpoint
20-09-2012 09:18:28 System Checkpoint
21-09-2012 10:15:12 System Checkpoint
22-09-2012 07:00:15 Software Distribution Service 3.0
23-09-2012 07:08:58 System Checkpoint
24-09-2012 08:07:26 System Checkpoint
25-09-2012 09:03:13 System Checkpoint
26-09-2012 09:17:36 System Checkpoint
27-09-2012 10:11:58 System Checkpoint
28-09-2012 10:46:19 System Checkpoint
29-09-2012 11:49:44 System Checkpoint
30-09-2012 12:40:01 System Checkpoint
01-10-2012 13:29:43 System Checkpoint
02-10-2012 14:24:31 System Checkpoint
03-10-2012 14:38:13 System Checkpoint
04-10-2012 15:33:11 System Checkpoint
05-10-2012 16:32:37 System Checkpoint
06-10-2012 18:01:04 System Checkpoint
07-10-2012 18:57:04 System Checkpoint
08-10-2012 19:51:26 System Checkpoint
09-10-2012 20:47:02 System Checkpoint
10-10-2012 07:00:16 Software Distribution Service 3.0
11-10-2012 07:10:43 System Checkpoint
12-10-2012 08:06:23 System Checkpoint
13-10-2012 09:02:47 System Checkpoint
14-10-2012 09:59:16 System Checkpoint
15-10-2012 10:31:28 System Checkpoint
16-10-2012 11:25:07 System Checkpoint
17-10-2012 12:21:02 System Checkpoint
18-10-2012 13:16:41 System Checkpoint
19-10-2012 13:48:12 System Checkpoint
20-10-2012 02:07:38 Software Distribution Service 3.0
20-10-2012 07:00:22 Software Distribution Service 3.0
21-10-2012 06:28:34 Software Distribution Service 3.0
21-10-2012 07:00:21 Software Distribution Service 3.0
21-10-2012 11:48:27 Software Distribution Service 3.0
21-10-2012 15:36:40 Software Distribution Service 3.0
21-10-2012 20:08:17 Installed Microsoft Fix it 50199
22-10-2012 22:53:13 System Checkpoint

**** End of log ****

#9 dadummy

Posted 22 October 2012 - 10:47 PM

Farbar Service Scanner Version: 19-10-2012
Ran by user (administrator) on 22-10-2012 at 23:46:38
Running from "C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\5D3PD9L9"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
bckd(10) Gpc(3) IPSec(5) mfetdi2k(8) NetBT(6) PSched(7) Tcpip(4)
0x0A0000000500000001000000020000000300000004000000080000000A000000070000000900000006000000
IpSec Tag value is correct.

**** End of log ****

#10 dadummy

Posted 22 October 2012 - 10:58 PM

# AdwCleaner v2.005 - Logfile created 10/22/2012 at 23:49:01
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : user - USER-01F5CBE7F4
# Boot Mode : Normal
# Running from : C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\LFSV9EG6\adwcleaner[1].exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\user\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\user\Local Settings\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\user\Local Settings\Application Data\Conduit
Folder Deleted : C:\Program Files\Yontoo

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16FE2505-F2A0-4782-B035-AF0E5188C02C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8867AC9B-4426-44A2-A693-C95850D3405C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=17425&babsrc=NT_def --> hxxp://www.google.com

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\user Data\Default\Preferences

Deleted [l.14] : homepage = "hxxp://search.babylon.com/home?affID=17425",

*************************

AdwCleaner[S1].txt - [5105 octets] - [22/10/2012 23:49:01]

########## EOF - C:\AdwCleaner[S1].txt - [5165 octets] ##########

#11 narenxp

Posted 22 October 2012 - 11:27 PM

Junkware log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#12 dadummy

Posted 23 October 2012 - 05:02 AM

Here's the last of the run from last night. Thanks for your help.


Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.0 (10.22.2012)
OS: Microsoft Windows XP x86
Ran by user on Mon 10/22/2012 at 23:59:11.31
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Event Viewer Logs - NOT cleared





**************************************************************
Scan was completed on Tue 10/23/2012 at 0:21:06.20
End of Report

#13 dadummy

Posted 23 October 2012 - 05:07 AM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/23/2012 06:06:28 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\5R67L9AD\JRT[1].exe (PID: 3632) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\drivers\mqac.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB971032\SP2QFE\mqac.sys : 91,776 : 06/22/2009 00:30 AM : 9229e191fe206628be17d1e67a5faed9 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB971032$\mqac.sys : 72,960 : 08/10/2004 00:00 AM : db07b0088cdfd20c2a22e675120ede34 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mqac.sys : 92,544 : 04/14/2008 00:09 AM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\mqac.sys : 92,544 : 04/13/2008 02:39 PM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mqac.sys : 91,776 : 06/22/2009 00:48 AM : eee50bf24caeedb515a8f3b22756d3bb [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:


20 out of 15017 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/23/2012 06:08:00 AM
Execution time: 0 hours(s), 1 minute(s), and 32 seconds(s)

#14 dadummy

Posted 23 October 2012 - 05:17 AM

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "addlyrics@addlyrics.net" "Updater Module" "" "c:\program files\addlyrics\ytlupdater.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "NeroMobileAd" "Nero Mobile Advertisment" "Nero AG" "c:\program files\nero\nero 7\nero mobile\neromobilead.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Windows Desktop Search Namespace Manager" "Windows Search Namespace Manager" "Microsoft Corporation" "c:\program files\windows desktop search\msnlnamespacemgr.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Glary Utilities" "Context Menu Handler" "Glarysoft Ltd" "c:\program files\glary utilities\contexthandler.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Glary Utilities" "Context Menu Handler" "Glarysoft Ltd" "c:\program files\glary utilities\contexthandler.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn\yt.dll"
+ "AddLyrics" "AddLyrics" "RVZR" "c:\program files\addlyrics\addlyrics.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120811165820.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files\yahoo!\companion\installs\cpn\ytsingleinstance.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "att.net Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn\yt.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "DoxillionReminder.job" "Doxillion Document Converter" "NCH Software" "c:\program files\nch software\doxillion\doxillion.exe"
+ "GlaryInitialize.job" "Glary Utilities Initialize" "Glarysoft Ltd" "c:\program files\glary utilities\initialize.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "SwitchDowngrade.job" "Switch Sound File Converter" "NCH Software" "c:\program files\nch software\switch\switch.exe"
+ "SwitchReminder.job" "Switch Sound File Converter" "NCH Software" "c:\program files\nch software\switch\switch.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Ati HotKey Poller" "ATI External Event Utility EXE Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.exe"
+ "ATI Smart" "ATI Smart" "" "c:\windows\system32\ati2sgag.exe"
+ "bckwfs" "Provides Internet filtering services for your PC" "Blue Coat Systems, Inc." "c:\program files\blue coat k9 web protection\k9filter.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "HPSIService" "HP Smart-Install Service" "HP" "c:\windows\system32\hpsisvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "Allows McAfee applications to communicate securely on the local network." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "NBService" "Nero BackItUp Service is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbservice.exe"
+ "NMIndexingService" "Nero Home" "Nero AG" "c:\program files\common files\ahead\lib\nmindexingservice.exe"
+ "pcCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\pccmservice.exe"
+ "pcServiceHost" "mcci+McciServiceHost" "Alcatel-Lucent" "c:\program files\common files\motive\pcservicehost.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AR9271" "Driver for Atheros Wireless Network Adapter" "Atheros Communications, Inc." "c:\windows\system32\drivers\athuw.sys"
+ "ati2mtag" "ATI Radeon WindowsNT Miniport Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\ati2mtag.sys"
+ "bckd" "K9 Web Protection Driver" "Blue Coat Systems, Inc." "c:\windows\system32\drivers\bckd.sys"
+ "cercsr6" "DELL CERC SATA1.5/6ch Miniport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\cercsr6.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "ctsfm2k" "SoundFont® Manager (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsfm2k.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 5.1 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e5132.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HSF_DP" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_dp.sys"
+ "HSFHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsfhwbs2.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "KMWDFILTER" "KMWDFilter Driver from UASSOFT.COM" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\kmwdfilter.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "mdmxsdk" "Diagnostic Interface DRIVER" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\WINDOWS\System32\Drivers\mfeavfk01.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfebopk.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfendisk" "McAfee NDIS Intermediate Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfendisk.sys"
+ "mfendiskmp" "McAfee NDIS Intermediate Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfendisk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfetdi2k" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfetdi2k.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mremp50.sys"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mresp50.sys"
+ "ossrv" "Creative OS Services Driver (WDM)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctoss2k.sys"
+ "P16X" "WDM Audio Miniport" "Creative Technology Ltd." "c:\windows\system32\drivers\p16x.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "RTL8192su" "" "" "File not found: system32\DRIVERS\RTL8192su.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "STHDA" "NDRC" "SigmaTel, Inc." "c:\windows\system32\drivers\sthda.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_cnxt.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.ffds" "" "" "c:\program files\combined community codec pack\filters\ffdshow\ff_vfw.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "" "" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "" "" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "" "" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "" "" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "" "" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "" "" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\combined community codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "HighMAT and MPV Navigator Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "HighMAT/MPV Navigation Client Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "" "" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "" "" "c:\windows\system32\ir50_32.dll"
+ "InterVideo Audio Decoder" "IVIAUDIO" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Audio Processor" "" "" "c:\program files\intervideo\common\bin\iviaudioprocess.ax"
+ "InterVideo Navigator" "IVINAV" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivinav.ax"
+ "InterVideo Video Decoder" "IVIVIDEO" " InterVideo Inc." "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"
+ "MPC - MPEG-2 Video Decoder (Gabest)" "MPEG-2 Decoder Filter for DirectShow" "Gabest" "c:\program files\combined community codec pack\filters\mpeg2decfilter.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "MPEG-2 PSI Reader Filter" "Mpeg2PsiReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2psireader.ax"
+ "MPEG-2 Stream Reader Filter" "Mpeg2StreamReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2streamreader.ax"
+ "NeAudio2" "Nero Audio Decoder 2" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudio2.ax"
+ "Nero Audible Decoder" "Nero Audible Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files\common files\ahead\dsfilter\neavsync.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedeinterlace.ax"
+ "Nero Digital AVC Audio Encoder" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Video Enc" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendvid.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero DVD Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero DVD Navigator" "DVD Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvd.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefsource.ax"
+ "Nero FLV Splitter" "Nero FLV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neflvsplitter.ax"
+ "Nero Format Converter" "Frame rate / Color space converter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\necapture.ax"
+ "Nero FTC" "Frame Time Corrector Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neftc.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero MP3 Encoder" "MP3 Encoding Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp3encoder.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoggsplitter.ax"
+ "Nero Overlay Mixer" "Overlay Mixer Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "" "" "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neresize.ax"
+ "Nero Sample Queue" "Sample Queue Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesamplequeue.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Smart3D Text Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Smart3D Transition Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Smart3D Video Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Control" "Transport Stream Controller Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nestreamcontrol.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Mixer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubtitle.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdthumbnail.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero Video Decoder HD" "Nero HD Video Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideohd.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideorenderer.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundswitch.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\combined community codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\combined community codec pack\filters\wavpackdssplitter.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Advanced TCP/IP Port Monitor" "Advanced TCP/IP Port Monitor DLL" "Marvell Semiconductor, Inc." "c:\windows\system32\mvtcpmon.dll"
+ "HP1100LM" "Marvell Printer Language Monitor" "" "c:\windows\system32\hp1100lm.dll"

#15 narenxp

Posted 23 October 2012 - 05:19 AM

Any current issues?



