
Possibly infected


10 replies to this topic

#1 pupster1

pupster1

  • Members
  • 15 posts

Posted 20 November 2012 - 09:01 AM

Hello,
I believe my desktop PC may be infected. It has been running real slow lately and at one point I even saw a pop-up message that my PC may be at risk. Since this has happened, I noticed that I can no longer see my external hard drive (WD 500) anymore via Windows Explorer. In fact, the external HD doesn't even shut itself off when the computer is shut off. It always has in the past. I'm running AT&T Internet Security Suite (by McAfee) that was provided by my ISP and it shows that it is up to date with no problems. I have also run Malwarebytes and it didn't find anything. I have also run CCleaner. I do notice (upon boot-up) that it shows debugger enabled, but I'm not sure if that is relevant. I tried using Windows restore to a date approx. a week before this happened, but I still cannot see the external hard drive.

I will provide whatever info you need.

Thanks in advance.



#2 pupster1

pupster1
  • Topic Starter

  • Members
  • 15 posts

Posted 24 November 2012 - 08:12 PM

Any idea when someone will pick this up?

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • Gender:Male
  • Location:NJ USA

Posted 24 November 2012 - 08:31 PM

Hello, sorry you got lost. Let's see if we can do these and find something.

Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>>>

Please download TDSSKiller.
Launch it.
Click on Change parameters, then select TDLFS file system.
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.


>>>>>

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.



ESET ONLINE


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#4 pupster1

pupster1
  • Topic Starter

  • Members
  • 15 posts

Posted 28 November 2012 - 10:15 PM

I have supplied all these results below. Awaiting your reply. Thanks


MiniToolBox by Farbar Version: 25-11-2012
Ran by Lenny (administrator) on 28-11-2012 at 19:32:22
Running from "C:\Documents and Settings\Lenny\Desktop\Bleeping Computer"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : home

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller

Physical Address. . . . . . . . . : 00-11-11-18-23-B0

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.64

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Wednesday, November 28, 2012 7:28:27 PM

Lease Expires . . . . . . . . . . : Thursday, November 29, 2012 7:28:27 PM

Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.226.230, 74.125.226.231, 74.125.226.232, 74.125.226.233
74.125.226.238, 74.125.226.224, 74.125.226.225, 74.125.226.226, 74.125.226.227
74.125.226.228, 74.125.226.229



Pinging google.com [173.194.43.34] with 32 bytes of data:



Reply from 173.194.43.34: bytes=32 time=36ms TTL=56

Reply from 173.194.43.34: bytes=32 time=34ms TTL=56



Ping statistics for 173.194.43.34:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 34ms, Maximum = 36ms, Average = 35ms

Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=84ms TTL=50

Reply from 98.139.183.24: bytes=32 time=89ms TTL=52



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 84ms, Maximum = 89ms, Average = 86ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 11 18 23 b0 ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.64 192.168.1.64 20
192.168.1.64 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.64 192.168.1.64 20
224.0.0.0 240.0.0.0 192.168.1.64 192.168.1.64 20
255.255.255.255 255.255.255.255 192.168.1.64 192.168.1.64 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/17/2012 06:44:44 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/16/2012 07:36:13 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Home and Student 2007 - Update 'Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition ' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/16/2012 07:36:13 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Home and Student 2007 -- Error 1719.The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (11/16/2012 07:35:54 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Home and Student 2007 - Update 'Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/16/2012 07:35:54 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Home and Student 2007 -- Error 1719.The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (11/16/2012 07:35:27 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Home and Student 2007 - Update 'Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/16/2012 07:35:27 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Home and Student 2007 -- Error 1719.The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (11/16/2012 07:35:14 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Home and Student 2007 - Update 'Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition ' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/16/2012 07:35:14 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Home and Student 2007 -- Error 1719.The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (11/16/2012 07:29:52 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2729450, P2 1033, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.


System errors:
=============
Error: (11/24/2012 08:18:35 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (11/24/2012 08:18:35 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (11/24/2012 08:18:35 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (11/24/2012 08:18:35 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (11/16/2012 07:38:47 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766} did not register with DCOM within the required timeout.

Error: (11/16/2012 07:38:04 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766} did not register with DCOM within the required timeout.

Error: (11/16/2012 07:37:33 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766} did not register with DCOM within the required timeout.

Error: (11/16/2012 07:37:02 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766} did not register with DCOM within the required timeout.

Error: (11/16/2012 07:36:30 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766} did not register with DCOM within the required timeout.

Error: (11/16/2012 07:36:18 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2007 suites (KB2687311).


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoImpression 6 (Version: 6)
ArcSoft Print Creations
ArcSoft Print Creations - Photo Calendar
ATI - Software Uninstall Utility (Version: 6.14.10.1014)
ATI Control Panel (Version: 6.14.10.5183)
ATI Display Driver (Version: 8.23-060209a1-030546C-Dell)
ATT-RC Self Support Tool
BlackBerry App World Browser Plugin (Version: 3.1.2.14)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.36)
CCleaner (Version: 2.29)
CDBurnerXP (Version: 4.3.2.2140)
Conexant D850 56K V.9x DFVc Modem
Creative MediaSource
Debut Video Capture Software
Dell AIO Printer A960
Dell Picture Studio - Dell Image Expert (Version: 3.4.1)
Dell ResourceCD
DIRECTV2PC Playback Advisor (Version: 1.0)
DVD-CLONER V5.00 Build 958
DVD-to-AVI 3.00 Build 806
DVD-to-MPEG 3.00 Build 806
DVD-to-SVCD 3.00 Build 805
EMET (Version: 3.0.0)
EndItAll 2.0 (Version: 2.0)
EPSON Print CD (Version: 1.60.000)
EPSON Printer Software
EPSON R280 User's Guide
EPSON Web-To-Page
Express Burn Disc Burning Software
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
iTunes (Version: 10.6.1.7)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Logitech Desktop Messenger (Version: 2.54.11)
Logitech QuickCam (Version: 11.70.1200)
Logitech QuickCam Driver Package
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee SecurityCenter (Version: 11.6.435)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MixPad
Mozilla Firefox 17.0 (x86 en-US) (Version: 17.0)
Mozilla Maintenance Service (Version: 17.0)
NetDvrPlugin 1.0 (Version: 1.0)
NetWaiting (Version: 2.5.12)
Paint Shop Pro 7 (Version: 7.05.0000)
Pazera Free MP4 to AVI Converter 1.6 (Version: 1.6)
PhotoStage Slideshow Producer
PowerDVD 5.1
Print to Fax (Version: 1.00)
Prism Video File Converter
QuickTime (Version: 7.71.80.42)
Roxio PhotoShow (Version: 6.0)
Setup Support for WeCare 1.0 (Version: 1.0)
Shared C Run-time for x86 (Version: 10.0.0)
Skype Click to Call (Version: 6.4.11328)
Skype™ 6.0 (Version: 6.0.126)
Sound Blaster Live! 24-bit
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VideoPad Video Editor
WavePad Sound Editor
WebFldrs XP (Version: 9.50.6513)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 1022.09 MB
Available physical RAM: 376.15 MB
Total Pagefile: 2462.24 MB
Available Pagefile: 1865.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.03 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.04 GB) (Free:125.36 GB) NTFS

========================= Users: ========================================

User accounts for \\HOME

Administrator ASPNET Guest
HelpAssistant Lenny SUPPORT_388945a0


**** End of log ****

========================

19:34:03.0796 3684 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:34:05.0843 3684 ============================================================
19:34:05.0875 3684 Current date / time: 2012/11/28 19:34:05.0843
19:34:05.0875 3684 SystemInfo:
19:34:05.0875 3684
19:34:05.0875 3684 OS Version: 5.1.2600 ServicePack: 3.0
19:34:05.0875 3684 Product type: Workstation
19:34:05.0875 3684 ComputerName: HOME
19:34:05.0906 3684 UserName: Lenny
19:34:05.0906 3684 Windows directory: C:\WINDOWS
19:34:05.0906 3684 System windows directory: C:\WINDOWS
19:34:05.0906 3684 Processor architecture: Intel x86
19:34:05.0906 3684 Number of processors: 1
19:34:05.0906 3684 Page size: 0x1000
19:34:05.0906 3684 Boot type: Normal boot
19:34:05.0906 3684 ============================================================
19:34:09.0484 3684 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:34:09.0562 3684 ============================================================
19:34:09.0562 3684 \Device\Harddisk0\DR0:
19:34:09.0656 3684 MBR partitions:
19:34:09.0656 3684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
19:34:09.0656 3684 ============================================================
19:34:09.0843 3684 C: <-> \Device\Harddisk0\DR0\Partition1
19:34:09.0843 3684 ============================================================
19:34:09.0890 3684 Initialize success
19:34:09.0890 3684 ============================================================
19:34:54.0406 1588 ============================================================
19:34:54.0406 1588 Scan started
19:34:54.0406 1588 Mode: Manual; TDLFS;
19:34:54.0406 1588 ============================================================
19:35:01.0593 1588 ================ Scan system memory ========================
19:35:01.0593 1588 System memory - ok
19:35:01.0609 1588 ================ Scan services =============================
19:35:02.0218 1588 0072941354149240mcinstcleanup - ok
19:35:02.0937 1588 Abiosdsk - ok
19:35:02.0968 1588 abp480n5 - ok
19:35:03.0171 1588 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:35:03.0390 1588 ACDaemon - ok
19:35:03.0453 1588 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:35:03.0531 1588 ACPI - ok
19:35:03.0593 1588 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:35:03.0625 1588 ACPIEC - ok
19:35:03.0781 1588 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:35:03.0859 1588 AdobeFlashPlayerUpdateSvc - ok
19:35:03.0875 1588 adpu160m - ok
19:35:03.0968 1588 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:35:03.0968 1588 aec - ok
19:35:04.0046 1588 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys
19:35:04.0234 1588 Afc - ok
19:35:04.0312 1588 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:35:04.0437 1588 AFD - ok
19:35:04.0453 1588 Aha154x - ok
19:35:04.0484 1588 aic78u2 - ok
19:35:04.0484 1588 aic78xx - ok
19:35:04.0531 1588 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:35:04.0546 1588 Alerter - ok
19:35:04.0593 1588 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
19:35:04.0625 1588 ALG - ok
19:35:04.0718 1588 AliIde - ok
19:35:04.0718 1588 amsint - ok
19:35:04.0843 1588 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:35:05.0000 1588 Apple Mobile Device - ok
19:35:05.0015 1588 AppMgmt - ok
19:35:05.0031 1588 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:35:05.0046 1588 Arp1394 - ok
19:35:05.0046 1588 asc - ok
19:35:05.0062 1588 asc3350p - ok
19:35:05.0062 1588 asc3550 - ok
19:35:05.0343 1588 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:35:05.0453 1588 aspnet_state - ok
19:35:05.0515 1588 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:35:05.0546 1588 AsyncMac - ok
19:35:05.0593 1588 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:35:05.0625 1588 atapi - ok
19:35:05.0625 1588 Atdisk - ok
19:35:05.0671 1588 [ 40F02B8460AC817EA0CEA2E0CAB4C2ED ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
19:35:05.0812 1588 Ati HotKey Poller - ok
19:35:05.0859 1588 [ D41EB535E2B2D8872463E5F59F215D4E ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
19:35:06.0062 1588 ATI Smart - ok
19:35:06.0500 1588 [ A7DD7088E2C987DBCB3F4D6D56F723BD ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
19:35:07.0046 1588 ati2mtag - ok
19:35:07.0093 1588 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:35:07.0109 1588 Atmarpc - ok
19:35:07.0171 1588 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:35:07.0171 1588 AudioSrv - ok
19:35:07.0234 1588 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:35:07.0250 1588 audstub - ok
19:35:07.0375 1588 [ 4826FCF97C47B361A2E2F68CD487A19E ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
19:35:07.0500 1588 b57w2k - ok
19:35:54.0890 1588 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:35:54.0968 1588 WudfRd - ok
19:35:55.0015 1588 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:35:55.0031 1588 WudfSvc - ok
19:35:55.0093 1588 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:35:55.0187 1588 WZCSVC - ok
19:35:55.0218 1588 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:35:55.0265 1588 xmlprov - ok
19:35:55.0484 1588 ================ Scan global ===============================
19:35:55.0500 1588 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:35:55.0625 1588 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:35:55.0781 1588 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:35:55.0812 1588 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:35:55.0812 1588 [Global] - ok
19:35:55.0812 1588 ================ Scan MBR ==================================
19:35:55.0843 1588 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:36:02.0812 1588 \Device\Harddisk0\DR0 - ok
19:36:03.0000 1588 ================ Scan VBR ==================================
19:36:03.0015 1588 [ BC5A2BF0251444D551FA4783F421664D ] \Device\Harddisk0\DR0\Partition1
19:36:03.0109 1588 \Device\Harddisk0\DR0\Partition1 - ok
19:36:03.0109 1588 ============================================================
19:36:03.0109 1588 Scan finished
19:36:03.0109 1588 ============================================================
19:36:03.0203 2964 Detected object count: 0
19:36:03.0203 2964 Actual detected object count: 0
19:37:02.0421 1264 Deinitialize success

=====================

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-28 19:37:22
-----------------------------
19:37:22.437 OS Version: Windows 5.1.2600 Service Pack 3
19:37:22.437 Number of processors: 1 586 0x304
19:37:22.437 ComputerName: HOME UserName:
19:37:29.625 Initialize success
19:42:13.750 AVAST engine defs: 12112801
19:42:21.921 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
19:42:21.921 Disk 0 Vendor: ST316002 8.05 Size: 152627MB BusType: 3
19:42:21.937 Disk 0 MBR read successfully
19:42:21.937 Disk 0 MBR scan
19:42:22.000 Disk 0 Windows XP default MBR code
19:42:22.000 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 63
19:42:22.000 Disk 0 scanning sectors +312560640
19:42:22.093 Disk 0 scanning C:\WINDOWS\system32\drivers
19:42:59.625 Service scanning
19:43:16.968 Modules scanning
19:43:22.500 Disk 0 trace - called modules:
19:43:22.515 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:43:22.515 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f9dab8]
19:43:23.031 3 CLASSPNP.SYS[f7684fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86f6f030]
19:43:27.343 AVAST engine scan C:\WINDOWS
19:43:32.734 AVAST engine scan C:\WINDOWS\system32
19:49:51.078 AVAST engine scan C:\WINDOWS\system32\drivers
19:50:06.750 AVAST engine scan C:\Documents and Settings\Lenny
19:58:19.750 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Lenny\Desktop\Bleeping Computer\MBR.dat"
19:58:19.765 The log file has been saved successfully to "C:\Documents and Settings\Lenny\Desktop\Bleeping Computer\aswMBR.txt"

==========================

C:\RECYCLER\S-1-5-21-515967899-1425521274-725345543-1004\Dc45.exe Win32/InstallMonetizer.AF application cleaned by deleting - quarantined
C:\System Volume Information\_restore{E777FBBB-7BCA-40ED-AF05-EED79F2B9371}\RP17\A0006358.exe Win32/InstallMonetizer.AF application cleaned by deleting - quarantined

#5 boopme


Posted 28 November 2012 - 10:26 PM

You're welcome, we need to look further. Tell me how it is after these.


JRT
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

>>>>

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>>>

ESET ONLINE


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#6 pupster1


Posted 29 November 2012 - 09:40 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.6.6 (11.29.2012:5)
OS: Microsoft Windows XP x86
Ran by Lenny on Thu 11/29/2012 at 20:18:32.82
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Lenny\Local Settings\Application Data\blekkotb_031"



~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\Lenny\Application Data\mozilla\firefox\profiles\bbdgw382.default\prefs.js

user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "http://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=http://www.wetpaint.com/the-bachelorette/articles/erica-rose-dishes-on-her-bachelor-pad-3-castmates-chris-bukowski-was-heartbroken-over-emily-maynard-exclusive/|||8641347332076683");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "http://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=http://www.wetpaint.com/the-bachelorette/articles/erica-rose-dishes-on-her-bachelor-pad-3-castmates-chris-bukowski-was-heartbroken-over-emily-maynard-exclusive/|#|old_value|||8641347332076682");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/29/2012 at 20:24:54.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

=======================================================================

# AdwCleaner v2.010 - Logfile created 11/29/2012 at 20:27:19
# Updated 29/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Lenny - HOME
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Lenny\My Documents\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Lenny\Application Data\Mozilla\Firefox\Profiles\bbdgw382.default\searchplugins\askcomsearch.xml

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\Software\TENCENT

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0 (en-US)

Profile name : default
File : C:\Documents and Settings\Lenny\Application Data\Mozilla\Firefox\Profiles\bbdgw382.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4319 octets] - [12/09/2012 18:35:26]
AdwCleaner[S2].txt - [1057 octets] - [29/11/2012 20:27:19]

########## EOF - C:\AdwCleaner[S2].txt - [1117 octets] ##########

===========================================================================


ESET FOUND NO THREATS - NO LOG CREATED

#7 pupster1


Posted 29 November 2012 - 09:48 PM

I still cannot get to my external hard-drive even after a reboot. It also still doesn't shut off when the computer is shut off like it used to do.
I don't know if this is related to the malware issue we have been pursuing or not, but I wanted to mention it. I should also mention that upon bootup I still see some message about a debugger being enabled (at the boot menu that flashes on the screen).

#8 boopme


Posted 01 December 2012 - 10:24 PM

Let's clean the Temp files and then you need to start a new topic in XP as you are clean.

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.

#9 pupster1


Posted 02 December 2012 - 02:26 PM

OK, I have cleaned the temp files/folders with the utility you mentioned. So, are you saying that I should open a new case in XP for the inability to see my external drive or for some other reason?

#10 boopme


Posted 02 December 2012 - 06:12 PM

Yes, it would appear that it may be a system issue.

#11 pupster1


Posted 02 December 2012 - 07:06 PM

ok, thanks for all your help.



