Search.Iminent.com browser hijacker - Cannot remove


5 replies to this topic

#1 creativegd


Posted 12 November 2012 - 02:30 PM

I recently added some apps to the Google Chrome browser, like world clock and weather, etc. I must have added about 10 or so. Ever since they were installed, a new tab appears in Google Chrome called Iminent search. It looks OK, but it has nasty pop-ups and takes up 100% of the CPU. After reading more about it I realized it is a spyware hacking virus and very hard to get rid of.

I have Avast virus security and did a boot-up scan for more than 12 hours. It found a lot of stuff but did not get rid of this search.Iminent.com virus. I also attempted to remove the files manually from reading online but could not find any of the registry files they were talking about.

My next step is to go back and restore the computer to a previous restore point but other than that I am at a loss to get rid of it.

Do you have any advice?

Operating system: Windows XP Professional
Computer: HP Pavilion laptop

Thank you



#2 boopme


Posted 12 November 2012 - 05:07 PM

Hello and welcome. Let's run these next and see how it is.


Reboot into Safe Mode with Networking

How to enter Safe Mode (XP/Vista) using the F8 method:
  • Restart your computer.
  • When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
  • Select the option for Safe Mode with Networking using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.



Please download Rkill by Grinler and save it to your desktop: Link 1, Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer; you will need to run the application again.



Please download TDSSKiller.

  • Launch it. Click on "Change parameters" and select "TDLFS file system".
  • Click on "Scan".
  • Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.




Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

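The TDSSKiller report requested in the steps above is a long plain-text log in which each scanned service gets an optional `[ MD5 ] name path` line followed by a `name - verdict` line. As an added example (not part of the original posts and not code from any of the tools named here), this Python script reduces such a log to the entries worth a second look. The function names, the sample lines and the non-"ok" verdict string are constructed placeholders.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample in the "<time> <thread id> <text>" layout of the log.
# Hashes, service names and the non-"ok" verdict text are placeholders.
SAMPLE_LOG = r"""
18:34:57.0125 3576 ================ Scan system memory ========================
18:34:57.0125 3576 System memory - ok
18:34:57.0125 3576 ================ Scan services =============================
18:34:57.0203 3576 [ 00000000000000000000000000000001 ] ExampleDrv C:\WINDOWS\system32\DRIVERS\exampledrv.sys
18:34:57.0234 3576 ExampleDrv - ok
18:34:57.0234 3576 LegacyStub - ok
18:34:57.0578 3576 [ 00000000000000000000000000000002 ] Example Update Service C:\Program Files\Example Vendor\updater.exe
18:34:57.0578 3576 Example Update Service - ok
18:34:57.0590 3576 [ 00000000000000000000000000000004 ] ExampleFx C:\WINDOWS\system32\drivers\EXAMPLEFX.SYS
18:34:57.0590 3576 ExampleFx - ok
18:34:57.0595 3576 [ 00000000000000000000000000000004 ] ExampleFx.SYS C:\WINDOWS\System32\drivers\EXAMPLEFX.SYS
18:34:57.0595 3576 ExampleFx.SYS - ok
18:34:57.0600 3576 [ 00000000000000000000000000000003 ] OddSvc C:\Temp\oddsvc.exe
18:34:57.0600 3576 OddSvc - EXAMPLE-NON-OK-VERDICT
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ "
SECTION_RE = re.compile(PREFIX + r"=+ (Scan [^=]+?) =+$")
# Service names and paths may both contain spaces; the path starts at "X:\".
HASH_RE = re.compile(PREFIX + r"\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
VERDICT_RE = re.compile(PREFIX + r"(.+) - (.+)$")


@dataclass
class ServiceEntry:
    name: str
    verdict: str
    md5: Optional[str] = None   # None when no image file was hashed
    path: Optional[str] = None


def parse_services(log_text: str) -> List[ServiceEntry]:
    """Pair each verdict line in the 'Scan services' section with its hash line."""
    entries: List[ServiceEntry] = []
    pending: Dict[str, tuple] = {}   # service name -> (md5, path)
    in_services = False
    for raw in log_text.splitlines():
        line = raw.rstrip()
        m = SECTION_RE.match(line)
        if m:
            in_services = m.group(1) == "Scan services"
            continue
        if not in_services:
            continue
        m = HASH_RE.match(line)
        if m:
            pending[m.group(2)] = (m.group(1).upper(), m.group(3))
            continue
        m = VERDICT_RE.match(line)
        if m:
            name, verdict = m.group(1), m.group(2).strip()
            md5, path = pending.pop(name, (None, None))
            entries.append(ServiceEntry(name, verdict, md5, path))
    return entries


def triage(entries: List[ServiceEntry]) -> dict:
    """Group entries a reviewer would read first; everything else is noise."""
    by_hash: Dict[str, List[str]] = {}
    for e in entries:
        if e.md5:
            by_hash.setdefault(e.md5, []).append(e.name)
    return {
        # Anything the scanner did not mark "ok".
        "not_ok": [e.name for e in entries if e.verdict.lower() != "ok"],
        # Registered services for which no image file was hashed.
        "no_image_hashed": [e.name for e in entries if e.md5 is None],
        # One file registered under several service names (often benign).
        "shared_hash": {h: n for h, n in by_hash.items() if len(n) > 1},
    }


if __name__ == "__main__":
    report = triage(parse_services(SAMPLE_LOG))
    for bucket, items in report.items():
        print(bucket, "->", items)
```
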

#3 creativegd


Posted 15 November 2012 - 07:30 PM

Thank you for the quick reply. I have done all the scans and have posted them here.

I have since found that the Iminent.com browser hijacker virus has traveled through the home network and is popping up on all the computers. Do I need to run these scans on each computer?

The main computer where the original download and installation happened has been scanned. It was not from Google apps after all but an Audio DVD extraction software from the internet onto the desktop computer.

1. TDSS Killer Log

18:35:06.0656 3576 mssmbios - ok
18:35:06.0781 3576 MSSQL$SONY_MEDIAMGR - ok
18:35:06.0843 3576 [ CB7524C21727404BD3140DCA32DEB7DE ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
18:35:06.0843 3576 MSSQLServerADHelper - ok
18:35:06.0875 3576 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
18:35:06.0890 3576 MSTEE - ok
18:35:06.0937 3576 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
18:35:06.0953 3576 MTsensor - ok
18:35:07.0000 3576 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:35:07.0000 3576 Mup - ok
18:35:07.0015 3576 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:35:07.0046 3576 NABTSFEC - ok
18:35:07.0109 3576 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:35:07.0109 3576 napagent - ok
18:35:07.0156 3576 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:35:07.0156 3576 NDIS - ok
18:35:07.0187 3576 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:35:07.0218 3576 NdisIP - ok
18:35:07.0250 3576 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:35:07.0250 3576 NdisTapi - ok
18:35:07.0250 3576 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:35:07.0250 3576 Ndisuio - ok
18:35:07.0265 3576 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:35:07.0265 3576 NdisWan - ok
18:35:07.0296 3576 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:35:07.0296 3576 NDProxy - ok
18:35:07.0328 3576 [ 90EB97C8DBF11BB0016C51946AC5ECD6 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
18:35:07.0343 3576 Net Driver HPZ12 - ok
18:35:07.0359 3576 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:35:07.0359 3576 NetBIOS - ok
18:35:07.0390 3576 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:35:07.0390 3576 NetBT - ok
18:35:07.0421 3576 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
18:35:07.0421 3576 NetDDE - ok
18:35:07.0421 3576 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:35:07.0437 3576 NetDDEdsdm - ok
18:35:07.0500 3576 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:35:07.0500 3576 Netlogon - ok
18:35:07.0515 3576 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
18:35:07.0515 3576 Netman - ok
18:35:07.0562 3576 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:35:07.0562 3576 NetTcpPortSharing - ok
18:35:07.0578 3576 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:35:07.0578 3576 NIC1394 - ok
18:35:07.0625 3576 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
18:35:07.0640 3576 Nla - ok
18:35:07.0640 3576 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:35:07.0640 3576 Npfs - ok
18:35:07.0656 3576 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:35:07.0671 3576 Ntfs - ok
18:35:07.0671 3576 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:35:07.0671 3576 NtLmSsp - ok
18:35:07.0703 3576 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:35:07.0703 3576 NtmsSvc - ok
18:35:07.0734 3576 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
18:35:07.0734 3576 Null - ok
18:35:07.0781 3576 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:35:07.0781 3576 NwlnkFlt - ok
18:35:07.0796 3576 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:35:07.0796 3576 NwlnkFwd - ok
18:35:07.0937 3576 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:35:07.0953 3576 odserv - ok
18:35:07.0968 3576 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:35:07.0984 3576 ohci1394 - ok
18:35:08.0046 3576 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:35:08.0046 3576 ose - ok
18:35:08.0078 3576 [ AE896073E1BBF98FEFC2EC52F62C0FBA ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys
18:35:08.0078 3576 ossrv - ok
18:35:08.0093 3576 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:35:08.0093 3576 Parport - ok
18:35:08.0125 3576 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:35:08.0125 3576 PartMgr - ok
18:35:08.0171 3576 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:35:08.0171 3576 ParVdm - ok
18:35:08.0203 3576 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:35:08.0203 3576 PCI - ok
18:35:08.0218 3576 PCIDump - ok
18:35:08.0218 3576 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:35:08.0250 3576 PCIIde - ok
18:35:08.0265 3576 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:35:08.0281 3576 Pcmcia - ok
18:35:08.0281 3576 PDCOMP - ok
18:35:08.0281 3576 PDFRAME - ok
18:35:08.0281 3576 PDRELI - ok
18:35:08.0281 3576 PDRFRAME - ok
18:35:08.0296 3576 perc2 - ok
18:35:08.0296 3576 perc2hib - ok
18:35:08.0328 3576 [ F2B3785D7282BAC66D4B644FC88749F0 ] pfc C:\WINDOWS\system32\drivers\pfc.sys
18:35:08.0343 3576 pfc - ok
18:35:08.0375 3576 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
18:35:08.0375 3576 PlugPlay - ok
18:35:08.0421 3576 [ F0EFAF6000E9FCBD77F769D527CE5F9D ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
18:35:08.0421 3576 Pml Driver HPZ12 - ok
18:35:08.0453 3576 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:35:08.0453 3576 PolicyAgent - ok
18:35:08.0453 3576 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:35:08.0453 3576 PptpMiniport - ok
18:35:08.0453 3576 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:35:08.0453 3576 ProtectedStorage - ok
18:35:08.0468 3576 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:35:08.0468 3576 PSched - ok
18:35:08.0468 3576 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:35:08.0468 3576 Ptilink - ok
18:35:08.0500 3576 [ D970470F8F39470BDAE94D313A1CCDCE ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:35:08.0500 3576 PxHelp20 - ok
18:35:08.0500 3576 ql1080 - ok
18:35:08.0500 3576 Ql10wnt - ok
18:35:08.0500 3576 ql12160 - ok
18:35:08.0515 3576 ql1240 - ok
18:35:08.0515 3576 ql1280 - ok
18:35:08.0531 3576 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:35:08.0531 3576 RasAcd - ok
18:35:08.0562 3576 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:35:08.0562 3576 RasAuto - ok
18:35:08.0578 3576 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:35:08.0578 3576 Rasl2tp - ok
18:35:08.0593 3576 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:35:08.0593 3576 RasMan - ok
18:35:08.0609 3576 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:35:08.0609 3576 RasPppoe - ok
18:35:08.0609 3576 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:35:08.0609 3576 Raspti - ok
18:35:08.0625 3576 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:35:08.0625 3576 Rdbss - ok
18:35:08.0625 3576 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:35:08.0625 3576 RDPCDD - ok
18:35:08.0640 3576 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:35:08.0640 3576 rdpdr - ok
18:35:08.0687 3576 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:35:08.0687 3576 RDPWD - ok
18:35:08.0718 3576 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:35:08.0718 3576 RDSessMgr - ok
18:35:08.0718 3576 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:35:08.0718 3576 redbook - ok
18:35:08.0765 3576 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:35:08.0765 3576 RemoteAccess - ok
18:35:08.0781 3576 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:35:08.0796 3576 RemoteRegistry - ok
18:35:08.0812 3576 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
18:35:08.0828 3576 RpcLocator - ok
18:35:08.0859 3576 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:35:08.0859 3576 RpcSs - ok
18:35:08.0890 3576 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:35:08.0890 3576 RSVP - ok
18:35:08.0953 3576 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:35:08.0953 3576 RTLE8023xp - ok
18:35:08.0968 3576 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
18:35:08.0968 3576 SamSs - ok
18:35:09.0015 3576 [ B244960E5A1DB8E9D5D17086DE37C1E4 ] sbp2port C:\WINDOWS\system32\DRIVERS\sbp2port.sys
18:35:09.0046 3576 sbp2port - ok
18:35:09.0078 3576 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:35:09.0078 3576 SCardSvr - ok
18:35:09.0109 3576 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:35:09.0125 3576 Schedule - ok
18:35:09.0140 3576 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:35:09.0156 3576 Secdrv - ok
18:35:09.0171 3576 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:35:09.0187 3576 seclogon - ok
18:35:09.0218 3576 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
18:35:09.0218 3576 SENS - ok
18:35:09.0234 3576 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:35:09.0234 3576 serenum - ok
18:35:09.0234 3576 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:35:09.0234 3576 Serial - ok
18:35:09.0296 3576 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:35:09.0296 3576 Sfloppy - ok
18:35:09.0343 3576 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:35:09.0343 3576 SharedAccess - ok
18:35:09.0375 3576 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:35:09.0390 3576 ShellHWDetection - ok
18:35:09.0390 3576 Simbad - ok
18:35:09.0421 3576 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:35:09.0437 3576 SLIP - ok
18:35:09.0437 3576 Sparrow - ok
18:35:09.0531 3576 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:35:09.0531 3576 splitter - ok
18:35:09.0578 3576 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:35:09.0578 3576 Spooler - ok
18:35:09.0578 3576 SQLAgent$SONY_MEDIAMGR - ok
18:35:09.0625 3576 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:35:09.0625 3576 sr - ok
18:35:09.0640 3576 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
18:35:09.0640 3576 srservice - ok
18:35:09.0687 3576 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:35:09.0687 3576 Srv - ok
18:35:09.0718 3576 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:35:09.0718 3576 SSDPSRV - ok
18:35:09.0781 3576 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:35:09.0781 3576 stisvc - ok
18:35:09.0796 3576 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:35:09.0828 3576 streamip - ok
18:35:09.0843 3576 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:35:09.0843 3576 swenum - ok
18:35:09.0921 3576 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:35:09.0921 3576 swmidi - ok
18:35:09.0921 3576 SwPrv - ok
18:35:09.0921 3576 symc810 - ok
18:35:09.0921 3576 symc8xx - ok
18:35:09.0937 3576 sym_hi - ok
18:35:09.0937 3576 sym_u3 - ok
18:35:09.0968 3576 [ 418BD80A7FEFAA3FCBD3DCFC021CB294 ] SynasUSB C:\WINDOWS\system32\drivers\SynasUSB.sys
18:35:09.0984 3576 SynasUSB - ok
18:35:10.0015 3576 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:35:10.0015 3576 sysaudio - ok
18:35:10.0046 3576 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:35:10.0046 3576 SysmonLog - ok
18:35:10.0062 3576 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:35:10.0062 3576 TapiSrv - ok
18:35:10.0093 3576 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:35:10.0093 3576 Tcpip - ok
18:35:10.0125 3576 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:35:10.0125 3576 TDPIPE - ok
18:35:10.0156 3576 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:35:10.0156 3576 TDTCP - ok
18:35:10.0171 3576 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:35:10.0171 3576 TermDD - ok
18:35:10.0187 3576 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
18:35:10.0187 3576 TermService - ok
18:35:10.0203 3576 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
18:35:10.0203 3576 Themes - ok
18:35:10.0234 3576 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
18:35:10.0234 3576 TlntSvr - ok
18:35:10.0234 3576 TosIde - ok
18:35:10.0281 3576 [ A147180FC61769BF4EB6FF94D499970C ] TPM C:\WINDOWS\system32\DRIVERS\tpm.sys
18:35:10.0281 3576 TPM - ok
18:35:10.0312 3576 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:35:10.0312 3576 TrkWks - ok
18:35:10.0359 3576 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:35:10.0375 3576 Udfs - ok
18:35:10.0375 3576 ultra - ok
18:35:10.0375 3576 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:35:10.0390 3576 Update - ok
18:35:10.0406 3576 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:35:10.0421 3576 upnphost - ok
18:35:10.0437 3576 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
18:35:10.0437 3576 UPS - ok
18:35:10.0484 3576 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
18:35:10.0484 3576 usbaudio - ok
18:35:10.0484 3576 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:35:10.0484 3576 usbccgp - ok
18:35:10.0546 3576 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:35:10.0546 3576 usbehci - ok
18:35:10.0593 3576 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:35:10.0593 3576 usbhub - ok
18:35:10.0625 3576 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:35:10.0640 3576 usbohci - ok
18:35:10.0671 3576 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:35:10.0671 3576 usbprint - ok
18:35:10.0687 3576 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:35:10.0687 3576 USBSTOR - ok
18:35:10.0734 3576 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:35:10.0734 3576 usbuhci - ok
18:35:10.0750 3576 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:35:10.0750 3576 VgaSave - ok
18:35:10.0750 3576 ViaIde - ok
18:35:10.0765 3576 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:35:10.0765 3576 VolSnap - ok
18:35:10.0796 3576 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
18:35:10.0796 3576 VSS - ok
18:35:10.0843 3576 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
18:35:10.0843 3576 W32Time - ok
18:35:10.0859 3576 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:35:10.0859 3576 Wanarp - ok
18:35:10.0906 3576 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
18:35:10.0921 3576 WDC_SAM - ok
18:35:10.0968 3576 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
18:35:10.0968 3576 Wdf01000 - ok
18:35:10.0968 3576 WDICA - ok
18:35:11.0000 3576 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:35:11.0000 3576 wdmaud - ok
18:35:11.0000 3576 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:35:11.0015 3576 WebClient - ok
18:35:11.0093 3576 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:35:11.0093 3576 winmgmt - ok
18:35:11.0156 3576 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
18:35:11.0171 3576 WinRM - ok
18:35:11.0203 3576 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
18:35:11.0218 3576 WinUSB - ok
18:35:11.0265 3576 [ 581176F60885AEF8F78C6E38DCC3CDF9 ] WMDM PMSP Service C:\WINDOWS\system32\MsPMSPSv.exe
18:35:11.0265 3576 WMDM PMSP Service - ok
18:35:11.0296 3576 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:35:11.0296 3576 WmdmPmSN - ok
18:35:11.0359 3576 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:35:11.0359 3576 Wmi - ok
18:35:11.0406 3576 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:35:11.0406 3576 WmiApSrv - ok
18:35:11.0484 3576 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
18:35:11.0484 3576 WMPNetworkSvc - ok
18:35:11.0578 3576 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:35:11.0578 3576 WPFFontCache_v0400 - ok
18:35:11.0625 3576 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:35:11.0625 3576 wscsvc - ok
18:35:11.0625 3576 WSearch - ok
18:35:11.0640 3576 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:35:11.0671 3576 WSTCODEC - ok
18:35:11.0687 3576 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:35:11.0687 3576 wuauserv - ok
18:35:11.0734 3576 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:35:11.0734 3576 WudfPf - ok
18:35:11.0750 3576 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:35:11.0750 3576 WudfRd - ok
18:35:11.0781 3576 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
18:35:11.0781 3576 WudfSvc - ok
18:35:11.0812 3576 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:35:11.0828 3576 WZCSVC - ok
18:35:11.0859 3576 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:35:11.0859 3576 xmlprov - ok
18:35:11.0875 3576 ================ Scan global ===============================
18:35:11.0906 3576 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:35:11.0968 3576 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:35:11.0984 3576 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:35:12.0000 3576 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:35:12.0000 3576 [Global] - ok
18:35:12.0000 3576 ================ Scan MBR ==================================
18:35:12.0031 3576 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:35:12.0343 3576 \Device\Harddisk0\DR0 - ok
18:35:12.0343 3576 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
18:35:12.0453 3576 \Device\Harddisk1\DR1 - ok
18:35:12.0468 3576 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR4
18:35:12.0671 3576 \Device\Harddisk2\DR4 - ok
18:35:13.0125 3576 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk3\DR5
18:35:13.0296 3576 \Device\Harddisk3\DR5 - ok
18:35:13.0296 3576 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR7
18:35:13.0500 3576 \Device\Harddisk5\DR7 - ok
18:35:13.0515 3576 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR8
18:35:13.0796 3576 \Device\Harddisk6\DR8 - ok
18:35:13.0828 3576 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk7\DR9
18:35:14.0125 3576 \Device\Harddisk7\DR9 - ok
18:35:14.0156 3576 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk8\DR10
18:35:14.0437 3576 \Device\Harddisk8\DR10 - ok
18:35:14.0453 3576 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk9\DR11
18:35:14.0750 3576 \Device\Harddisk9\DR11 - ok
18:35:14.0750 3576 ================ Scan VBR ==================================
18:35:14.0765 3576 [ 5B180AF26B85D08F078B314B3E5F411A ] \Device\Harddisk0\DR0\Partition1
18:35:14.0765 3576 \Device\Harddisk0\DR0\Partition1 - ok
18:35:14.0781 3576 [ E91D322F1C28F6C251A02F184BE00B02 ] \Device\Harddisk1\DR1\Partition1
18:35:14.0781 3576 \Device\Harddisk1\DR1\Partition1 - ok
18:35:14.0796 3576 [ 0F1311FFA7684BCB1EBC3FD3487BC12E ] \Device\Harddisk2\DR4\Partition1
18:35:14.0796 3576 \Device\Harddisk2\DR4\Partition1 - ok
18:35:14.0796 3576 [ C90667277D1E7B0CBC24B954C07CDBBC ] \Device\Harddisk3\DR5\Partition1
18:35:14.0812 3576 \Device\Harddisk3\DR5\Partition1 - ok
18:35:14.0812 3576 [ FAB2C106923264AB5E39E1A602AFD4DC ] \Device\Harddisk5\DR7\Partition1
18:35:14.0828 3576 \Device\Harddisk5\DR7\Partition1 - ok
18:35:14.0828 3576 [ 576CD72D123101BE05C5F9BC9B36AAF3 ] \Device\Harddisk6\DR8\Partition1
18:35:14.0875 3576 \Device\Harddisk6\DR8\Partition1 - ok
18:35:14.0921 3576 [ 2660CA222733FA79672EFA901B1249D8 ] \Device\Harddisk7\DR9\Partition1
18:35:14.0937 3576 \Device\Harddisk7\DR9\Partition1 - ok
18:35:14.0984 3576 [ 1A649CDD3CC7D4309AF7FAF021A71418 ] \Device\Harddisk8\DR10\Partition1
18:35:15.0031 3576 \Device\Harddisk8\DR10\Partition1 - ok
18:35:15.0062 3576 [ 5A0AEFDD064EE69B77ABF3373AF2C8F2 ] \Device\Harddisk9\DR11\Partition1
18:35:15.0109 3576 \Device\Harddisk9\DR11\Partition1 - ok
18:35:15.0109 3576 ============================================================
18:35:15.0109 3576 Scan finished
18:35:15.0109 3576 ============================================================
18:35:15.0125 3568 Detected object count: 0
18:35:15.0125 3568 Actual detected object count: 0
18:36:17.0421 3312 Deinitialize success

___________________________________________________________________________________________

2. Adw Cleaner Log

# AdwCleaner v2.007 - Logfile created 11/15/2012 at 18:52:02
# Updated 06/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - SGGS1
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v76kigox.default\searchplugins\Askcom.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AskSearch
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v76kigox.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v76kigox.default\extensions\toolbar@ask.com
Folder Deleted : C:\Documents and Settings\Administrator\Desktop\Software
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{9D425283-D487-4337-BAB6-AB8354A81457}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9D425283-D487-4337-BAB6-AB8354A81457}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=110189&tt=4512_6&babsrc=NT_ss&mntrId=247895c50000000000005404a6cd78b3 --> hxxp://www.google.com

-\\ Mozilla Firefox v3.6.10 (en-US)

Profile name : default
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v76kigox.default\prefs.js

C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v76kigox.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=110189&tt=4512_6&babsrc=HP_s[...]
Deleted : user_pref("extensions.asktb.cbid", "F3");
Deleted : user_pref("extensions.asktb.crumb", "2010.10.31+11.25.34-toolbar001iad-US-QXRsYW50YSxHQSxVbml0ZWQgU3[...]
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYUS");
Deleted : user_pref("extensions.asktb.fresh-install", false);
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1316544441348");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.o", "101703");
Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.r", "7");
Deleted : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=[...]
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.v", "3.9.1.100006");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.iminent.com/?appId=701732DB-3439-4242-91F9-2ECA[...]
Deleted : user_pref("browser.search.selectedEngine", "SearchTheWeb");

-\\ Google Chrome v23.0.1271.64

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.19] : urls_to_restore_on_startup = [ "hxxps://www.google.com/", "hxxp://search.iminent.com/?appId=701732DB-3439-4242-91F9-2ECAE3CD65CC" ]
Deleted [l.2647] : urls_to_restore_on_startup = [ "hxxps://www.google.com/", "hxxp://search.iminent.com/?appId=701732DB-3439-4242-91F9-2ECAE3CD65CC" ]

*************************

AdwCleaner[S1].txt - [12167 octets] - [15/11/2012 18:52:02]

########## EOF - C:\AdwCleaner[S1].txt - [12228 octets] ##########

___________________________________________________________________________________________________

3. JRT Log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.1.1 (11.15.2012)
OS: Microsoft Windows XP x86
Ran by Administrator on Thu 11/15/2012 at 19:03:56.64
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys




~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/15/2012 at 19:09:02.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thank you

#4 boopme

Posted 15 November 2012 - 09:23 PM

Do I need to run these scans on each computer?


Yes that is needed.

#5 creativegd

Posted 29 November 2012 - 03:50 PM

Hi, I repeated the procedure on the other computers and everything looked clean. But just yesterday I found the Iminent.com browser hijacker had returned on the laptop and most likely on the desktop as well. I went through the procedure again but it has returned right away (after restart). Is there anything else I can do to remove it?
Thank you

#6 boopme

Posted 29 November 2012 - 08:14 PM

Hello, I suspect this is being protected, perhaps by a driver or service. We are going to need a deeper look.
Please make a new topic as instructed in this guide so we can get it out.

Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.



