
Windows has closed this program Error


20 replies to this topic

#1 bruceyfamily

Posted 05 November 2012 - 03:56 PM

Hi, my son has just been given a PC and is trying to clean it up. He has restored it to the oldest restore point to try and rectify the following problems, but they are still happening:

Cannot open Windows Explorer - automatically get an error pop-up box "To help protect your computer windows has closed this program" "Windows explorer has encountered a problem and needs to close"

If we open Internet Explorer to try and view websites, some are viewable - some you just see a blank screen, then you get an error saying "Internet explorer has encountered an error and needs to close"

Have tried to download an antivirus - Avira or AVG - but pages just become unresponsive and then an error box forces IE to close. Does have NORTON 360 saying it's out of date.

Did run ESET online scanner before he restored it to the restore point and it found and cleaned the following:
HTML/Scrinject.B.Gen Virus
JS/Exploit.pdfka.OXG.gen Trojan

It's a Packard Bell, Intel® Pentium® CPU
Running Windows Media XP Edition 2002 Version Service Pack 3

Not sure if any more information needed?

Look forward to hearing from someone.

#2 narenxp

Posted 05 November 2012 - 09:04 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 bruceyfamily

Posted 06 November 2012 - 06:07 AM

Hi - When I try and click on the link to download TDSSkiller, it opens in a new tab, then I receive an error saying: Windows has closed this program error#entry288760 and then I get the error Internet Explorer has encountered an error and needs to close.

Then we are unable to return you to bleepingcomputer.com Internet Explorer has stopped trying to restore this website and I am forced to close. Have tried a number of times and just can't keep it open long enough to download before it forces me to close.

I am able to have this page open with this topic up just long enough to click on the link but then it closes.

Am sending this from my other pc.

Not sure what to do next.

#4 narenxp

Posted 06 November 2012 - 07:38 AM

Copy the tools to the infected one using a flash drive.

#5 bruceyfamily

Posted 06 November 2012 - 01:10 PM

Hi logs as requested:

TDSSkiller

15:48:46.0000 1068 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:48:46.0093 1068 ============================================================
15:48:46.0093 1068 Current date / time: 2012/11/06 15:48:46.0093
15:48:46.0093 1068 SystemInfo:
15:48:46.0093 1068
15:48:46.0093 1068 OS Version: 5.1.2600 ServicePack: 3.0
15:48:46.0093 1068 Product type: Workstation
15:48:46.0093 1068 ComputerName: Danny
15:48:46.0093 1068 UserName: Danny B
15:48:46.0093 1068 Windows directory: C:\WINDOWS
15:48:46.0093 1068 System windows directory: C:\WINDOWS
15:48:46.0093 1068 Processor architecture: Intel x86
15:48:46.0093 1068 Number of processors: 2
15:48:46.0093 1068 Page size: 0x1000
15:48:46.0093 1068 Boot type: Normal boot
15:48:46.0093 1068 ============================================================
15:48:46.0875 1068 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:48:46.0937 1068 Drive \Device\Harddisk5\DR14 - Size: 0xF480000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:48:46.0937 1068 ============================================================
15:48:46.0937 1068 \Device\Harddisk0\DR0:
15:48:46.0937 1068 MBR partitions:
15:48:46.0937 1068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xF9CA3B, BlocksNum 0x2C75FD6
15:48:46.0937 1068 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3C168D2, BlocksNum 0x58F3D2E
15:48:46.0937 1068 \Device\Harddisk5\DR14:
15:48:46.0937 1068 MBR partitions:
15:48:46.0937 1068 \Device\Harddisk5\DR14\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x7A3E0
15:48:46.0937 1068 ============================================================
15:48:46.0968 1068 C: <-> \Device\Harddisk0\DR0\Partition1
15:48:47.0000 1068 D: <-> \Device\Harddisk0\DR0\Partition2
15:48:47.0000 1068 ============================================================
15:48:47.0000 1068 Initialize success
15:48:47.0000 1068 ============================================================
15:48:51.0718 2120 ============================================================
15:48:51.0718 2120 Scan started
15:48:51.0718 2120 Mode: Manual; TDLFS;
15:48:51.0718 2120 ============================================================
15:48:52.0234 2120 ================ Scan system memory ========================
15:48:52.0234 2120 System memory - ok
15:48:52.0234 2120 ================ Scan services =============================
15:48:59.0140 2120 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:48:59.0140 2120 Raspti - ok
15:48:59.0171 2120 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:48:59.0171 2120 Rdbss - ok
15:48:59.0187 2120 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:48:59.0187 2120 RDPCDD - ok
15:48:59.0203 2120 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:48:59.0203 2120 rdpdr - ok
15:48:59.0234 2120 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:48:59.0234 2120 RDPWD - ok
15:48:59.0265 2120 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:48:59.0265 2120 RDSessMgr - ok
15:48:59.0281 2120 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:48:59.0281 2120 redbook - ok
15:48:59.0328 2120 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:48:59.0328 2120 RemoteAccess - ok
15:48:59.0359 2120 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:48:59.0359 2120 RemoteRegistry - ok
15:48:59.0375 2120 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
15:48:59.0375 2120 RpcLocator - ok
15:48:59.0421 2120 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:48:59.0421 2120 RpcSs - ok
15:48:59.0500 2120 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:48:59.0500 2120 RSVP - ok
15:48:59.0593 2120 [ CF84B1F0E8B14D4120AAF9CF35CBB265 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
15:48:59.0593 2120 RTL8023xp - ok
15:48:59.0625 2120 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
15:48:59.0625 2120 rtl8139 - ok
15:48:59.0656 2120 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
15:48:59.0656 2120 SamSs - ok
15:48:59.0703 2120 [ C1AE5D1F53285D79A0B73A62AF20734F ] SBRE C:\WINDOWS\system32\drivers\SBREdrv.sys
15:48:59.0703 2120 SBRE - ok
15:48:59.0750 2120 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:48:59.0750 2120 SCardSvr - ok
15:48:59.0781 2120 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:48:59.0781 2120 Schedule - ok
15:48:59.0812 2120 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:48:59.0812 2120 Secdrv - ok
15:48:59.0859 2120 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:48:59.0859 2120 seclogon - ok
15:48:59.0890 2120 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
15:48:59.0890 2120 SENS - ok
15:48:59.0906 2120 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
15:48:59.0906 2120 Serial - ok
15:48:59.0953 2120 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
15:48:59.0953 2120 Sfloppy - ok
15:49:00.0000 2120 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:49:00.0000 2120 SharedAccess - ok
15:49:00.0062 2120 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:49:00.0062 2120 ShellHWDetection - ok
15:49:00.0062 2120 Simbad - ok
15:49:00.0093 2120 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
15:49:00.0093 2120 sisagp - ok
15:49:00.0109 2120 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:49:00.0109 2120 SLIP - ok
15:49:00.0171 2120 [ C84E65253DD6913B75852C0BFA38DA07 ] smserial C:\WINDOWS\system32\DRIVERS\smserial.sys
15:49:00.0187 2120 smserial - ok
15:49:00.0203 2120 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
15:49:00.0203 2120 Sparrow - ok
15:49:00.0218 2120 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:49:00.0218 2120 splitter - ok
15:49:00.0250 2120 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:49:00.0250 2120 Spooler - ok
15:49:00.0312 2120 [ 0D77554B62A9090EB05ECBB96058646E ] sprtsvc_TalkTalk C:\Program Files\TalkTalk\bin\sprtsvc.exe
15:49:00.0312 2120 sprtsvc_TalkTalk - ok
15:49:00.0343 2120 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:49:00.0343 2120 sr - ok
15:49:00.0390 2120 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
15:49:00.0390 2120 srservice - ok
15:49:00.0453 2120 [ 83726CF02ECED69138948083E06B6EAC ] SRTSP C:\WINDOWS\System32\Drivers\N360\0501000.01D\SRTSP.SYS
15:49:00.0468 2120 SRTSP - ok
15:49:00.0500 2120 [ 4E7EAB2E5615D39CF1F1DF9C71E5E225 ] SRTSPX C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS
15:49:00.0500 2120 SRTSPX - ok
15:49:00.0515 2120 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:49:00.0531 2120 Srv - ok
15:49:00.0562 2120 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:49:00.0562 2120 SSDPSRV - ok
15:49:00.0578 2120 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:49:00.0593 2120 stisvc - ok
15:49:00.0609 2120 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:49:00.0609 2120 streamip - ok
15:49:00.0656 2120 [ 882FC174AC21C536E41351AFF58A7D7D ] SupportSoft RemoteAssist C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
15:49:00.0656 2120 SupportSoft RemoteAssist - ok
15:49:00.0687 2120 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:49:00.0687 2120 swenum - ok
15:49:00.0703 2120 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:49:00.0703 2120 swmidi - ok
15:49:00.0718 2120 SwPrv - ok
15:49:00.0750 2120 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
15:49:00.0750 2120 symc810 - ok
15:49:00.0765 2120 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
15:49:00.0765 2120 symc8xx - ok
15:49:00.0812 2120 [ 9BBEB8C6258E72D62E7560E6667AAD39 ] SymDS C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS
15:49:00.0812 2120 SymDS - ok
15:49:00.0859 2120 [ D5C02629C02A820A7E71BCA3D44294A3 ] SymEFA C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS
15:49:00.0875 2120 SymEFA - ok
15:49:00.0906 2120 [ AB33C3B196197CA467CBDDA717860DBA ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
15:49:00.0906 2120 SymEvent - ok
15:49:00.0906 2120 SymIM - ok
15:49:00.0921 2120 SymIMMP - ok
15:49:00.0953 2120 [ A73399804D5D4A8B20BA60FCF70C9F1F ] SymIRON C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS
15:49:00.0953 2120 SymIRON - ok
15:49:00.0984 2120 [ DEC35CCAF7A222DF918306CD2FDFBD39 ] SYMTDI C:\WINDOWS\System32\Drivers\N360\0501000.01D\SYMTDI.SYS
15:49:00.0984 2120 SYMTDI - ok
15:49:01.0015 2120 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
15:49:01.0015 2120 sym_hi - ok
15:49:01.0031 2120 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
15:49:01.0031 2120 sym_u3 - ok
15:49:01.0046 2120 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:49:01.0046 2120 sysaudio - ok
15:49:01.0078 2120 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:49:01.0078 2120 SysmonLog - ok
15:49:01.0125 2120 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:49:01.0125 2120 TapiSrv - ok
15:49:01.0171 2120 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:49:01.0187 2120 Tcpip - ok
15:49:01.0203 2120 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:49:01.0203 2120 TDPIPE - ok
15:49:01.0218 2120 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:49:01.0218 2120 TDTCP - ok
15:49:01.0234 2120 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:49:01.0234 2120 TermDD - ok
15:49:01.0281 2120 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
15:49:01.0281 2120 TermService - ok
15:49:01.0312 2120 [ 0E8BE65DAA22027624A7289090E3841E ] tgsrvc_TalkTalk C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
15:49:01.0312 2120 tgsrvc_TalkTalk - ok
15:49:01.0343 2120 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
15:49:01.0343 2120 Themes - ok
15:49:01.0375 2120 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:49:01.0375 2120 TlntSvr - ok
15:49:01.0406 2120 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
15:49:01.0406 2120 TosIde - ok
15:49:01.0437 2120 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:49:01.0437 2120 TrkWks - ok
15:49:01.0468 2120 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:49:01.0468 2120 Udfs - ok
15:49:01.0531 2120 [ CA90D2C55EB3BB90687677BEA3DB0B59 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
15:49:01.0531 2120 UleadBurningHelper - ok
15:49:01.0546 2120 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
15:49:01.0546 2120 ultra - ok
15:49:01.0593 2120 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:49:01.0593 2120 Update - ok
15:49:01.0625 2120 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:49:01.0640 2120 upnphost - ok
15:49:01.0656 2120 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
15:49:01.0656 2120 UPS - ok
15:49:01.0703 2120 [ D4FB6ECC60A428564BA8768B0E23C0FC ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
15:49:01.0703 2120 USBAAPL - ok
15:49:01.0718 2120 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:49:01.0718 2120 usbccgp - ok
15:49:01.0781 2120 [ B9FE1F943508953C0683AB7F1602E643 ] USBDeviceService C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
15:49:01.0781 2120 USBDeviceService - ok
15:49:01.0812 2120 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:49:01.0812 2120 usbehci - ok
15:49:01.0843 2120 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:49:01.0843 2120 usbhub - ok
15:49:01.0859 2120 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:49:01.0859 2120 usbohci - ok
15:49:01.0875 2120 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:49:01.0875 2120 usbprint - ok
15:49:01.0906 2120 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:49:01.0906 2120 usbscan - ok
15:49:01.0921 2120 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:49:01.0921 2120 USBSTOR - ok
15:49:01.0953 2120 [ BEE793D4A059CAEA55D6AC20E19B3A8F ] USB_RNDIS C:\WINDOWS\system32\DRIVERS\usb8023.sys
15:49:01.0953 2120 USB_RNDIS - ok
15:49:01.0953 2120 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:49:01.0953 2120 VgaSave - ok
15:49:01.0984 2120 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
15:49:01.0984 2120 viaagp - ok
15:49:02.0000 2120 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
15:49:02.0000 2120 ViaIde - ok
15:49:02.0000 2120 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:49:02.0015 2120 VolSnap - ok
15:49:02.0046 2120 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
15:49:02.0046 2120 VSS - ok
15:49:02.0078 2120 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
15:49:02.0078 2120 W32Time - ok
15:49:02.0093 2120 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:49:02.0093 2120 Wanarp - ok
15:49:02.0140 2120 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
15:49:02.0140 2120 wanatw - ok
15:49:02.0156 2120 WDICA - ok
15:49:02.0171 2120 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:49:02.0171 2120 wdmaud - ok
15:49:02.0187 2120 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:49:02.0187 2120 WebClient - ok
15:49:02.0265 2120 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:49:02.0265 2120 winmgmt - ok
15:49:02.0312 2120 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
15:49:02.0312 2120 WmdmPmSN - ok
15:49:02.0343 2120 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:49:02.0359 2120 Wmi - ok
15:49:02.0390 2120 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:49:02.0390 2120 WmiApSrv - ok
15:49:02.0484 2120 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
15:49:02.0500 2120 WMPNetworkSvc - ok
15:49:02.0515 2120 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:49:02.0515 2120 WpdUsb - ok
15:49:02.0562 2120 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:49:02.0562 2120 wscsvc - ok
15:49:02.0578 2120 WSearch - ok
15:49:02.0609 2120 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:49:02.0609 2120 WSTCODEC - ok
15:49:02.0640 2120 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:49:02.0640 2120 wuauserv - ok
15:49:02.0656 2120 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:49:02.0656 2120 WudfPf - ok
15:49:02.0687 2120 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:49:02.0687 2120 WudfRd - ok
15:49:02.0703 2120 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:49:02.0703 2120 WudfSvc - ok
15:49:02.0750 2120 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:49:02.0765 2120 WZCSVC - ok
15:49:02.0812 2120 [ 81E8DA36CE70858898D5EB81E28A47D2 ] X10Hid C:\WINDOWS\system32\Drivers\x10hid.sys
15:49:02.0812 2120 X10Hid - ok
15:49:02.0875 2120 [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
15:49:02.0875 2120 x10nets - ok
15:49:02.0906 2120 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:49:02.0906 2120 xmlprov - ok
15:49:02.0937 2120 [ 41CF36A3CC7786575247ED456918E112 ] XUIF C:\WINDOWS\system32\Drivers\x10ufx2.sys
15:49:02.0937 2120 XUIF - ok
15:49:02.0953 2120 ================ Scan global ===============================
15:49:02.0984 2120 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:49:03.0031 2120 [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
15:49:03.0046 2120 [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
15:49:03.0062 2120 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
15:49:03.0062 2120 [Global] - ok
15:49:03.0062 2120 ================ Scan MBR ==================================
15:49:03.0078 2120 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:49:03.0265 2120 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:49:03.0265 2120 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:49:03.0281 2120 [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk5\DR14
15:49:04.0125 2120 \Device\Harddisk5\DR14 - ok
15:49:04.0125 2120 ================ Scan VBR ==================================
15:49:04.0140 2120 [ B6D14AC31B53BC06E19BCE9F4B11859F ] \Device\Harddisk0\DR0\Partition1
15:49:04.0140 2120 \Device\Harddisk0\DR0\Partition1 - ok
15:49:04.0156 2120 [ DDE1970A4792139065FF7E244A7B8AD1 ] \Device\Harddisk0\DR0\Partition2
15:49:04.0156 2120 \Device\Harddisk0\DR0\Partition2 - ok
15:49:04.0171 2120 [ 10749626AB2AD0D70A4F353BE2496DBC ] \Device\Harddisk5\DR14\Partition1
15:49:04.0171 2120 \Device\Harddisk5\DR14\Partition1 - ok
15:49:04.0171 2120 ============================================================
15:49:04.0171 2120 Scan finished
15:49:04.0171 2120 ============================================================
15:49:04.0187 3152 Detected object count: 1
15:49:04.0187 3152 Actual detected object count: 1
15:49:08.0703 3152 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:49:08.0703 3152 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:49:21.0562 2840 Deinitialize success

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-06 16:12:44
-----------------------------
16:12:44.000 OS Version: Windows 5.1.2600 Service Pack 3
16:12:44.000 Number of processors: 2 586 0x409
16:12:44.000 ComputerName: Danny UserName:
16:12:45.375 Initialize success
16:15:45.781 AVAST engine defs: 12110601
16:16:44.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-7
16:16:45.453 Disk 0 Vendor: ST3808110AS 3.AAE Size: 76319MB BusType: 3
16:16:45.640 Disk 0 MBR read successfully
16:16:45.640 Disk 0 MBR scan
16:16:57.015 Disk 0 Windows XP default MBR code
16:16:57.031 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSWIN4.1 7993 MB offset 63
16:17:02.468 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 22763 MB offset 16370235
16:17:06.296 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 45543 MB offset 63006930
16:17:06.671 Disk 0 scanning sectors +156280320
16:17:08.875 Disk 0 scanning C:\WINDOWS\system32\drivers
16:19:09.625 Service scanning
16:20:54.703 Modules scanning
16:21:28.296 Disk 0 trace - called modules:
16:21:28.343 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
16:21:28.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8353da98]
16:21:28.343 3 CLASSPNP.SYS[f767cfd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-7[0x83563ae0]
16:21:33.671 AVAST engine scan C:\WINDOWS
16:21:45.781 AVAST engine scan C:\WINDOWS\system32
16:32:16.265 AVAST engine scan C:\WINDOWS\system32\drivers
16:33:28.359 AVAST engine scan D:\Documents and Settings\Danny B.Danny
16:35:21.890 AVAST engine scan D:\Documents and Settings\All Users
16:37:55.468 Scan finished successfully
16:43:35.390 Disk 0 MBR has been saved successfully to "J:\MBR.dat"
16:43:35.843 The log file has been saved successfully to "J:\aswMBR.txt"


ESET

C:\TDSSKiller_Quarantine\06.11.2012_10.52.15\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.ADZ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.11.2012_10.52.15\mbr0000\tdlfs0000\tsk0005.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.11.2012_10.52.15\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.R trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.11.2012_10.52.15\mbr0000\tdlfs0000\tsk0007.dta Win64/Olmarik.R trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.11.2012_10.52.15\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.A trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.11.2012_10.52.15\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.ACQ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.11.2012_10.52.15\mbr0000\tdlfs0000\tsk0010.dta probably a variant of Win32/TrojanProxy.Agent.GPWMTAZ trojan cleaned by deleting - quarantined

#6 narenxp

Posted 06 November 2012 - 01:58 PM

Launch TDSSkiller and select DELETE

15:49:08.0703 3152 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator

After the scan completes, post the generated log here.

#7 bruceyfamily

Posted 06 November 2012 - 04:23 PM

Hi, logs as requested

Malwarebytes

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.06.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Danny B :: Danny [administrator]

06/11/2012 20:01:10
mbam-log-2012-11-06 (20-01-10).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 371517
Time elapsed: 41 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\WORT (Trojan.Vilsel) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\TDSSKiller_Quarantine\06.11.2012_19.45.57\tdlfs0000\tsk0003.dta (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.11.2012_19.45.57\tdlfs0000\tsk0007.dta (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\06.11.2012_19.45.57\tdlfs0000\tsk0008.dta (Trojan.Banker) -> Quarantined and deleted successfully.

(end)

mini toolbox

MiniToolBox by Farbar Version: 07-11-2012
Ran by Danny B (administrator) on 06-11-2012 at 20:54:23
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Could not flush the DNS Resolver Cache: Function failed during execution.




========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : Danny

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-16-E6-13-AF-42

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.8

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.1

Lease Obtained. . . . . . . . . . : 06 November 2012 20:48:52

Lease Expires . . . . . . . . . . : 09 November 2012 20:48:52

Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 173.194.34.131, 173.194.34.132, 173.194.34.133, 173.194.34.134
173.194.34.135, 173.194.34.136, 173.194.34.137, 173.194.34.142, 173.194.34.128
173.194.34.129, 173.194.34.130



Pinging google.com [173.194.41.133] with 32 bytes of data:



Reply from 173.194.41.133: bytes=32 time=38ms TTL=57

Reply from 173.194.41.133: bytes=32 time=38ms TTL=57



Ping statistics for 173.194.41.133:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 38ms, Maximum = 38ms, Average = 38ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=728ms TTL=49

Reply from 98.139.183.24: bytes=32 time=782ms TTL=49



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 728ms, Maximum = 782ms, Average = 755ms

Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 e6 13 af 42 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.8 192.168.0.8 20
192.168.0.0 255.255.255.0 192.168.0.8 192.168.0.8 20
192.168.0.8 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.8 192.168.0.8 20
224.0.0.0 240.0.0.0 192.168.0.8 192.168.0.8 20
255.255.255.255 255.255.255.255 192.168.0.8 192.168.0.8 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 D:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 02 D:\Windows\System32\winrnr.dll [File Not found] ()
Catalog5 03 D:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 02 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 03 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 04 D:\Windows\system32\rsvpsp.dll [File Not found] ()
Catalog9 05 D:\Windows\system32\rsvpsp.dll [File Not found] ()
Catalog9 06 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 07 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 08 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 09 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 10 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 11 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 12 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 13 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 14 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 15 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 16 D:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 17 D:\Windows\system32\mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/06/2012 11:08:06 AM) (Source: Application Error) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]

Error: (11/06/2012 11:05:13 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00264eab.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/06/2012 11:02:40 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00264eab.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/06/2012 11:00:35 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00264eab.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/06/2012 10:57:54 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00264eab.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/06/2012 10:55:15 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00264eab.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/06/2012 10:53:31 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00264eab.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/06/2012 10:52:58 AM) (Source: Application Error) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]

Error: (11/06/2012 10:52:07 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The connection with the server was terminated abnormally

Error: (11/06/2012 10:51:48 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00264eab.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (11/06/2012 08:49:18 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
abp480n5
adpu160m
agp440
agpCPQ
Aha154x
aic78u2
aic78xx
AliIde
alim1541
amdagp
amsint
asc
asc3350p
asc3550
BHDrvx86
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
SymIRON
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error: (11/06/2012 03:37:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx86
SymIRON

Error: (11/06/2012 03:34:44 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
abp480n5
adpu160m
agp440
agpCPQ
Aha154x
aic78u2
aic78xx
AliIde
alim1541
amdagp
amsint
asc
asc3350p
asc3550
BHDrvx86
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
SymIRON
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error: (11/06/2012 03:34:10 PM) (Source: 0) (User: )
Description: 0xC000024383788083.sysHarddiskVolume2

Error: (11/06/2012 10:40:04 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx86
SymIRON

Error: (11/05/2012 08:53:49 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx86
SymIRON

Error: (11/05/2012 08:37:52 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx86
SymIRON

Error: (11/05/2012 07:24:47 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (11/05/2012 07:23:56 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the WSearch service.

Error: (11/05/2012 07:22:50 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).


Microsoft Office Sessions:
=========================
Error: (11/06/2012 11:08:06 AM) (Source: Application Error)(User: )
Description: 0.0.0.0unknown0.0.0.000000000

Error: (11/06/2012 11:05:13 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.000264eab

Error: (11/06/2012 11:02:40 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.000264eab

Error: (11/06/2012 11:00:35 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.000264eab

Error: (11/06/2012 10:57:54 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.000264eab

Error: (11/06/2012 10:55:15 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.000264eab

Error: (11/06/2012 10:53:31 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.000264eab

Error: (11/06/2012 10:52:58 AM) (Source: Application Error)(User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d

Error: (11/06/2012 10:52:07 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe connection with the server was terminated abnormally

Error: (11/06/2012 10:51:48 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.000264eab


=========================== Installed Programs ============================

Adobe Download Manager (Version: 1.6.2.49)
Adobe Flash Player 10 ActiveX (Version: 10.2.152.26)
Adobe Reader 7.0 (Version: 7.0.0)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
ATI Catalyst Control Center (Version: 1.2.2153.2409)
Bonjour (Version: 2.0.5.0)
BT Yahoo! Applications
CCleaner (Version: 3.06)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Conduit Engine (Version: 6.2.7.3)
Cyberchase Carnival Chaos
Edmark - Zap
Edmark Mighty Math Number Heroes
ESET Online Scanner v3
FUJIFILM MyFinePix Studio 1.0
Google Update Helper (Version: 1.3.21.123)
HP Deskjet 1050 J410 series Basic Device Software (Version: 20.0.771.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.56.56)
HP Deskjet 1050 J410 series Product Improvement Study (Version: 20.0.771.0)
iTunes (Version: 10.2.2.14)
J2SE Runtime Environment 5.0 Update 4 (Version: 1.5.0.40)
Java™ 6 Update 17 (Version: 6.0.170)
Letts English (Version: 1.0.0)
LG USB Modem driver (Version: 4.8.2)
Macromedia Flash Player 8 (Version: 8.0.24.0)
Macromedia Shockwave Player (Version: 10.1.0.011)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MCE Software Encoder 1.0
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.0.60310.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Works (Version: 08.04.0623)
MobileMe Control Panel (Version: 3.1.5.0)
Motorola SM56 Data Fax Modem
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
Norton 360 (Version: 5.1.0.29)
PowerDVD
QuickTime (Version: 7.69.80.9)
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.02.0000)
Realtek High Definition Audio Driver (Version: 2.02)
Sonic Encoders (Version: 1.00)
Sonic Express Labeler (Version: 2.1.0)
Sonic MyDVD LE (Version: 6.2.0)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0)
TalkTalk Assist & Go (Version: 4.0.28)
Ulead PhotoImpact 10 SE (Version: 10.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB971930) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) (Version: 02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (Version: 02/23/2007 2.5.0.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Service Pack 3 (Version: 20080414.031525)
X10 Hardware™

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 382.48 MB
Available physical RAM: 164.47 MB
Total Pagefile: 915.04 MB
Available Pagefile: 485.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.26 MB

========================= Partitions: =====================================

1 Drive c: (HDD) (Fixed) (Total:22.23 GB) (Free:12.2 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:44.48 GB) (Free:31.79 GB) NTFS

========================= Users: ========================================

User accounts for \\Danny

Administrator ASPNET Danny B
Guest HelpAssistant SUPPORT_388945a0

========================= Restore Points ==================================

10-10-2012 14:03:30 System Checkpoint
05-11-2012 17:19:16 Removed HP Deskjet 1050 J410 series Basic Device Software
05-11-2012 17:22:40 Removed HP Deskjet 1050 J410 series Help
05-11-2012 17:22:58 Removed HP Deskjet 1050 J410 series Product Improvement Study
05-11-2012 17:23:39 Removed TalkTalk Assist & Go
05-11-2012 17:25:52 Removed Safari
05-11-2012 17:30:31 Removed LG USB Modem driver
05-11-2012 19:17:47 Restore Operation
05-11-2012 19:32:36 Removed SamsungConnectivityCableDriver
05-11-2012 19:33:21 Removed Samsung New PC Studio USB Driver Installer
05-11-2012 19:33:52 Removed Safari
05-11-2012 19:34:16 Removed PC Connectivity Solution
06-11-2012 20:28:54 System Checkpoint

**** End of log ****

Farbar service scanner

Farbar Service Scanner Version: 07-11-2012
Ran by Danny B (administrator) on 06-11-2012 at 20:57:48
Running from "D:\Documents and Settings\Danny B.Danny\Local Settings\Temporary Internet Files\Content.IE5\LZJL3YPE"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is set to Disabled. The default start type is Auto.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2004-09-10 13:56] - [2008-10-16 14:43] - 0138496 ___AC (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(9) Tcpip(4)
0x0A00000005000000010000000200000003000000040000000900000056000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****

adware cleaner

# AdwCleaner v2.007 - Logfile created 11/06/2012 at 20:59:18
# Updated 06/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Danny B - Danny
# Boot Mode : Normal
# Running from : D:\Documents and Settings\Danny B.Danny\Local Settings\Temporary Internet Files\Content.IE5\40DDDYV1\adwcleaner[1].exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : D:\Documents and Settings\All Users\Application Data\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2890656
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E145F5C-B5EF-40AD-9686-05CD489D0A02}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zap
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [3043 octets] - [06/11/2012 20:59:18]

########## EOF - D:\AdwCleaner[S1].txt - [3103 octets] ##########

Junkware removal tool

Junkware Removal Tool (JRT) by Thisisu
Version: 2.7.5 (11.06.2012)
OS: Microsoft Windows XP x86
Ran by Danny B on 06/11/2012 at 21:10:02.93
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values:

Successfully deleted: [VALUE] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



*** Files: 0 Detections



*** Folders: 0 Detections



*** Chrome detected and repaired



*** Event Viewer Logs - NOT cleared





**************************************************************
Scan was completed on 06/11/2012 at 21:17:45.82
End of Report

Hope that's everything that was asked for!

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:12:38 AM

Posted 06 November 2012 - 11:25 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text here

#9 bruceyfamily

bruceyfamily
  • Topic Starter

  • Members
  • 45 posts
  • Local time:05:38 AM

Posted 07 November 2012 - 05:17 AM

Hi

rkill

Rkill 2.4.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/07/2012 10:04:30 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* DNS Client (Dnscache) is not Running.
Startup Type set to: Disabled

* MSDTC [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/07/2012 10:05:14 AM
Execution time: 0 hours(s), 0 minute(s), and 44 seconds(s)


autoruns



"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "RTHDCPL" "Realtek HD Audio Control Panel" "Realtek Semiconductor Corp." "c:\windows\rthdcpl.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "AvgUninstallURL" "" "" "File not found: start"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MSMSGS" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Windows Desktop Search Namespace Manager" "Windows Search Namespace Manager" "Microsoft Corporation" "c:\program files\windows desktop search\msnlnamespacemgr.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\bushell.dll"
+ "OPShellExt" "OpFolderExt" "Softex Inc." "c:\apps\softex\omnipass\opfolderext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\navshext.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "OPShellExt" "OpFolderExt" "Softex Inc." "c:\apps\softex\omnipass\opfolderext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "ACE Context Menu" "" "c:\program files\ati technologies\ati.ace\atiacmxx.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\bushell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\navshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\bushell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn\yt.dll"
+ "AcroIEHlprObj Class" "Adobe Acrobat IE Helper Version 7.0 for ActiveX" "Adobe Systems Incorporated" "c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files\yahoo!\companion\installs\cpn\ytsingleinstance.dll"
+ "Symantec Intrusion Prevention" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\ips\ipsbho.dll"
+ "Symantec NCO BHO" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\coieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\coieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AOL ACS" "AOL Connectivity Service" "America Online, Inc." "c:\program files\common files\aol\acs\aolacsd.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Ati HotKey Poller" "ATI External Event Utility EXE Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "getPlusHelper" "getPlus® Helper" "NOS Microsystems Ltd." "c:\program files\nos\bin\getplus_helper.dll"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "N360" "Norton 360" "Symantec Corporation" "c:\program files\norton 360\engine\5.1.0.29\ccsvchst.exe"
+ "omniserv" "Softex OmniPass Service" "Softex Inc." "c:\apps\softex\omnipass\omniserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "sprtsvc_TalkTalk" "SupportSoft Sprocket Service" "SupportSoft, Inc." "c:\program files\talktalk\bin\sprtsvc.exe"
+ "SupportSoft RemoteAssist" "ssrc Module" "SupportSoft, Inc." "c:\program files\common files\supportsoft\bin\ssrc.exe"
+ "tgsrvc_TalkTalk" "SupportSoft Repair Service" "SupportSoft, Inc." "c:\program files\common files\supportsoft\bin\tgsrvc.exe"
+ "UleadBurningHelper" "ULCDRSvr" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe"
+ "USBDeviceService" "USBDeviceService Module" "" "c:\program files\sonic\digitalmedia le v7\mydvd le\usbdeviceservice.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "x10nets" "X10 Module" "X10" "c:\program files\common files\x10\common\x10nets.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "3xHybrid" "The Europa capture driver" "Philips Semiconductors GmbH" "c:\windows\system32\drivers\3xhybrid.sys"
+ "AliIde" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdagp" "AMD Win2000 AGP Filter" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\amdagp.sys"
+ "asc" "AdvanSys SCSI Controller Driver" "Advanced System Products, Inc." "c:\windows\system32\drivers\asc.sys"
+ "asc3550" "AdvanSys Ultra-Wide PCI SCSI Driver" "Advanced System Products, Inc." "c:\windows\system32\drivers\asc3550.sys"
+ "ASCTRM" "TR Manager" "Windows ® 2000 DDK provider" "c:\windows\system32\drivers\asctrm.sys"
+ "ati2mtag" "ATI Radeon WindowsNT Miniport Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\ati2mtag.sys"
+ "BHDrvx86" "SONAR Engine Driver" "" "File not found: D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110929.001\BHDrvx86.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "CmdIde" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dac2w2k" "Mylex Disk Array Controller Driver" "Mylex Corporation" "c:\windows\system32\drivers\dac2w2k.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "FsUsbExDisk" "" "" "c:\windows\system32\fsusbexdisk.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HdAudAddService" "High Definition Audio Function Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudio.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "IDSxpx86" "Symantec Intrusion Prevention Driver" "" "File not found: D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111012.034\IDSxpx86.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MBAMSwissArmy" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbamswissarmy.sys"
+ "mraid35x" "MegaRAID RAID Controller Driver for Windows Whistler 32" "American Megatrends Inc." "c:\windows\system32\drivers\mraid35x.sys"
+ "NAVENG" "" "" "File not found: D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110920.002\NAVENG.SYS"
+ "NAVEX15" "" "" "File not found: D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110920.002\NAVEX15.SYS"
+ "pccsmcfd" "" "" "File not found: system32\DRIVERS\pccsmcfd.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "ql1080" "Miniport Driver for QLogic ISP PCI Adapters" "QLogic Corporation" "c:\windows\system32\drivers\ql1080.sys"
+ "ql12160" "Miniport Driver for QLogic ISP PCI Adapters" "QLogic Corporation" "c:\windows\system32\drivers\ql12160.sys"
+ "ql1280" "Miniport Driver for QLogic ISP PCI Adapters" "QLogic Corporation" "c:\windows\system32\drivers\ql1280.sys"
+ "RTL8023xp" "Realtek 10/100/1000 NDIS 5.1 Driver " "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtnicxp.sys"
+ "rtl8139" "Realtek RTL8139 NDIS 5.0 Driver" "Realtek Semiconductor Corporation" "c:\windows\system32\drivers\rtl8139.sys"
+ "SBRE" "Anti-Rootkit Engine" "Sunbelt Software" "c:\windows\system32\drivers\sbredrv.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "sisagp" "SiS NT AGP Filter" "Silicon Integrated Systems Corporation" "c:\windows\system32\drivers\sisagp.sys"
+ "smserial" "Motorola SM56 Modem WDM Driver" "Motorola Inc." "c:\windows\system32\drivers\smserial.sys"
+ "Sparrow" "Adaptec AIC-6x60 series SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\sparrow.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360\0501000.01d\srtsp.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360\0501000.01d\srtspx.sys"
+ "sym_hi" "Symbios Hi-Perf SCSI Miniport Driver" "LSI Logic" "c:\windows\system32\drivers\sym_hi.sys"
+ "sym_u3" "Symbios Ultra3 SCSI Miniport Driver" "LSI Logic" "c:\windows\system32\drivers\sym_u3.sys"
+ "symc810" "Symbios Logic Inc. SCSI Miniport Driver" "Symbios Logic Inc." "c:\windows\system32\drivers\symc810.sys"
+ "symc8xx" "Symbios 8XX SCSI Miniport Driver" "LSI Logic" "c:\windows\system32\drivers\symc8xx.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360\0501000.01d\symds.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360\0501000.01d\symefa.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SymIM" "" "" "File not found: system32\DRIVERS\SymIM.sys"
+ "SymIMMP" "" "" "File not found: system32\DRIVERS\SymIM.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\0501000.01d\ironx86.sys"
+ "SYMTDI" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\0501000.01d\symtdi.sys"
+ "ultra" "Promise Ultra66 Miniport Driver" "Promise Technology, Inc." "c:\windows\system32\drivers\ultra.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "wanatw" "Wan Miniport (ATW)" "America Online, Inc." "c:\windows\system32\drivers\wanatw4.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "X10Hid" "X10 HID Control Interface" "X10 Wireless Technology, Inc." "c:\windows\system32\drivers\x10hid.sys"
+ "XUIF" "X10 USB Control Interface" "X10 Wireless Technology, Inc." "c:\windows\system32\drivers\x10ufx2.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.dvacm" "Ulead DV Audio ACM Driver" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\vio\dvacm.acm"
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.mpegacm " "Ulead MPEG1 Layer2 Audio ACM Driver" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\mpegacm.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "msacm.ulmp3acm" "Ulead MP3 codec engine" "Ulead systems" "c:\program files\common files\ulead systems\mpeg\ulmp3acm.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Ulead MP3 Encoder" "uleamp3" "Ulead System Co." "c:\program files\common files\ulead systems\mpeg\uleamp3.ax"
+ "Ulead MP3 Encoder" "uleamp3" "Ulead System Co." "c:\program files\common files\ulead systems\mpeg\uleamp3.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Audio Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\shared files\audiofilter\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\shared files\audiofilter\claudfx.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\shared files\audiofilter\claudiocd.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\shared files\navfilter\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\shared files\videofilter\clline21.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\apps\softenco\clvidencmce.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\shared files\audiofilter\clauts.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\shared files\videofilter\clvsd.ax"
+ "Dib Output" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\diboutput.ax"
+ "Dib Receive" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\dibreceive.ax"
+ "DV ACM V/A Source Filter" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\dvsf.ax"
+ "DV V/A Source Filter" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\dvsf.ax"
+ "DV Video Source Filter" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\dvsf.ax"
+ "DVD Audio Decoder" "Audio Decoder" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulac32.ax"
+ "FinePix Color Filter" "FinePix Color Filter" "FUJI PHOTO FILM CO.,LTD." "c:\program files\fujifilm\myfinepix studio\plugins\fbuploader\mvfilters\fxcolorft.ax"
+ "FinePix Rotate Filter" "FinePix Rotate Filter" "FUJI PHOTO FILM CO.,LTD." "c:\program files\fujifilm\myfinepix studio\plugins\fbuploader\mvfilters\fxrotateft.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Fujifilm Setup Filter" "FujifilmSetupFilter" "FUJI PHOTO FILM CO., LTD. " "c:\program files\fujifilm\myfinepix studio\plugins\fbuploader\mvfilters\fujifilmsetupfilter.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "WME Record Queue" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmedque.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Tivo DirectShow Source Filter" "TiVo DirectShow Filter" "TiVo Inc." "c:\program files\common files\tivo shared\directshow\tivodirectshowfilter.dll"
+ "Ulead AMR Audio Decoder" "MP4 AMR Audio Decoder Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uladamr.ax"
+ "ULead Infinite Pin Tee" "Ulead Infinite Tee Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uinftee.ax"
+ "ULead LPCM Audio Encoder" "LPCM Audio Encoder" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\ulpcmpeg.ax"
+ "Ulead MP3 Encoder" "uleamp3" "Ulead System Co." "c:\program files\common files\ulead systems\mpeg\uleamp3.ax"
+ "Ulead MPEG Audio Decoder" "MPEG Video and Audio Decoder" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\uldsmpeg.ax"
+ "Ulead MPEG Encoder" "MPEG Encoder and Muxer" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\ulesmpeg.ax"
+ "Ulead MPEG Muxer" "MPEG Muxer" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\ulmxmpeg.ax"
+ "Ulead MPEG Splitter" "ULead Mpeg I/II Splitter" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\ulspmpeg.ax"
+ "Ulead MPEG Video Decoder" "MPEG Video and Audio Decoder" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\uldsmpeg.ax"
+ "Ulead MPEG-4 Audio Decoder" "MP4 AAC Audio Decoder Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uladmp4.ax"
+ "Ulead MPEG-4 Audio Encoder" "MP4 AAC Audio Encoder Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulaemp4.ax"
+ "Ulead MPEG-4 Multiplexer" "MP4 Multiplexer Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulmxmp4.ax"
+ "Ulead MPEG-4 Splitter" "MP4 Splitter Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulspmp4.ax"
+ "Ulead MPEG-4 Video Decoder" "MP4 Video Decoder Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulvdmp4.ax"
+ "Ulead MPEG-4 Video Encoder" "MP4 Video Encoder Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulvemp4.ax"
+ "Ulead Video Deinterlace Filter" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\deinterlace.ax"
+ "Video Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMEnc Screen Capture Filter" "WMESrcWp Module" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmesrcwp.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "AtiExtEvent" "ATI External Event Utility DLL Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.dll"
+ "OPXPGina" "" "" "c:\apps\softex\omnipass\opxpgina.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "EPSON Stylus D92 Series 32MonitorBE" "EPSON Bi-directional Monitor" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_flbbze.dll"
+ "HP 8911 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8911lm.dll"


Many thanks

#10 narenxp

Posted 07 November 2012 - 06:10 AM

Current issues?

#11 bruceyfamily

Posted 07 November 2012 - 06:13 AM

Will test everything and let you know.
Many thanks.

#12 narenxp

Posted 07 November 2012 - 06:14 AM

If you have no further issues make sure to finish the final tasks

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#13 bruceyfamily

Posted 07 November 2012 - 06:26 AM

Superb - many thanks for your help - so quick and so easy to understand - I will have one happy teenager when he's home from school today!! :)

#14 narenxp

Posted 07 November 2012 - 06:28 AM

You're most welcome :)

#15 bruceyfamily

Posted 07 November 2012 - 10:54 AM

Hi, all seems to be ok - the only thing now is the monitor now has a blue tint? Plugged it into another pc and it's fine so it must be this pc. Have downloaded latest graphics driver but still the same? Any ideas?



