Another Trojan Infection


24 replies to this topic

#1 tide_belle


Posted 22 November 2012 - 12:43 PM

Hi again and Happy Thanksgiving!

Windows XP SP3
Dell Dimension

So apparently Trojans are running rampant with Windows XP even with MSE running real time protection.

I first noticed multiple tasks running such as csrss.exe and a couple of others. Updated and ran SuperAnti Spyware and it found Trojan.Agent/Gen-PWS. I quarantined the trojan and have deleted it. What are my next steps?



#2 boopme


Posted 22 November 2012 - 12:58 PM

Hello and Happy Thanksgiving. Please also run these. I will be in and out today with the holiday.

Please download TDSSKiller.

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.



ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>>>

ESET ONLINE


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



How is it now?

#3 tide_belle


Posted 22 November 2012 - 08:40 PM

13:30:48.0765 0860 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:30:49.0500 0860 ============================================================
13:30:49.0500 0860 Current date / time: 2012/11/22 13:30:49.0500
13:30:49.0500 0860 SystemInfo:
13:30:49.0500 0860
13:30:49.0500 0860 OS Version: 5.1.2600 ServicePack: 3.0
13:30:49.0500 0860 Product type: Workstation
13:30:49.0515 0860 ComputerName: D7C1CCB1
13:30:49.0515 0860 UserName: Jodi
13:30:49.0515 0860 Windows directory: C:\WINDOWS
13:30:49.0515 0860 System windows directory: C:\WINDOWS
13:30:49.0515 0860 Processor architecture: Intel x86
13:30:49.0515 0860 Number of processors: 1
13:30:49.0515 0860 Page size: 0x1000
13:30:49.0515 0860 Boot type: Safe boot with network
13:30:49.0515 0860 ============================================================
13:30:56.0687 0860 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:30:56.0781 0860 ============================================================
13:30:56.0781 0860 \Device\Harddisk0\DR0:
13:30:56.0781 0860 MBR partitions:
13:30:56.0781 0860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x69682E0
13:30:56.0781 0860 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x697BCA5, BlocksNum 0x2536D3D
13:30:56.0781 0860 ============================================================
13:30:57.0078 0860 C: <-> \Device\Harddisk0\DR0\Partition1
13:30:57.0328 0860 D: <-> \Device\Harddisk0\DR0\Partition2
13:30:57.0328 0860 ============================================================
13:30:57.0328 0860 Initialize success
13:30:57.0328 0860 ============================================================
13:31:15.0109 0232 ============================================================
13:31:15.0109 0232 Scan started
13:31:15.0109 0232 Mode: Manual; TDLFS;
13:31:15.0109 0232 ============================================================
13:31:18.0859 0232 ================ Scan system memory ========================
13:31:18.0859 0232 System memory - ok
13:31:18.0875 0232 ================ Scan services =============================
13:31:48.0640 0232 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:31:48.0640 0232 RasAcd - ok
13:31:48.0734 0232 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:31:48.0796 0232 RasAuto - ok
13:31:48.0875 0232 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:31:48.0875 0232 Rasl2tp - ok
13:31:49.0000 0232 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:31:49.0062 0232 RasMan - ok
13:31:49.0109 0232 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:31:49.0109 0232 RasPppoe - ok
13:31:49.0156 0232 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:31:49.0156 0232 Raspti - ok
13:31:49.0234 0232 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:31:49.0234 0232 Rdbss - ok
13:31:49.0265 0232 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:31:49.0265 0232 RDPCDD - ok
13:31:49.0406 0232 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:31:49.0406 0232 rdpdr - ok
13:31:49.0531 0232 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:31:49.0531 0232 RDPWD - ok
13:31:49.0640 0232 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:31:49.0687 0232 RDSessMgr - ok
13:31:49.0765 0232 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:31:49.0765 0232 redbook - ok
13:31:49.0843 0232 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:31:49.0859 0232 RemoteAccess - ok
13:31:49.0953 0232 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
13:31:49.0984 0232 RpcLocator - ok
13:31:50.0171 0232 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
13:31:50.0187 0232 RpcSs - ok
13:31:50.0296 0232 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:31:50.0359 0232 RSVP - ok
13:31:50.0421 0232 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
13:31:50.0421 0232 SamSs - ok
13:31:50.0546 0232 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:31:50.0593 0232 SASDIFSV - ok
13:31:50.0640 0232 [ 7CE61C25C159F50F9EAF6D77FC83FA35 ] SASENUM C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
13:31:50.0640 0232 SASENUM - ok
13:31:50.0718 0232 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
13:31:50.0765 0232 SASKUTIL - ok
13:31:50.0796 0232 SBRE - ok
13:31:50.0906 0232 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:31:50.0937 0232 SCardSvr - ok
13:31:51.0062 0232 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:31:51.0125 0232 Schedule - ok
13:31:51.0234 0232 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:31:51.0234 0232 Secdrv - ok
13:31:51.0296 0232 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:31:51.0296 0232 seclogon - ok
13:31:51.0593 0232 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
13:31:51.0593 0232 senfilt - ok
13:31:51.0687 0232 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
13:31:51.0703 0232 SENS - ok
13:31:51.0765 0232 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
13:31:51.0765 0232 serenum - ok
13:31:51.0812 0232 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
13:31:51.0812 0232 Serial - ok
13:31:51.0875 0232 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:31:51.0875 0232 Sfloppy - ok
13:31:52.0062 0232 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:31:52.0171 0232 SharedAccess - ok
13:31:52.0250 0232 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:31:52.0250 0232 ShellHWDetection - ok
13:31:52.0296 0232 Simbad - ok
13:31:52.0359 0232 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
13:31:52.0359 0232 sisagp - ok
13:31:52.0546 0232 [ 0066FF77AEB4AE70066F7E94D5A6D866 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
13:31:52.0546 0232 smwdm - ok
13:31:52.0640 0232 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
13:31:52.0640 0232 Sparrow - ok
13:31:52.0703 0232 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:31:52.0703 0232 splitter - ok
13:31:52.0796 0232 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:31:52.0812 0232 Spooler - ok
13:31:52.0875 0232 sprtsvc_dellsupportcenter - ok
13:31:52.0937 0232 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:31:52.0937 0232 sr - ok
13:31:53.0046 0232 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
13:31:53.0109 0232 srservice - ok
13:31:53.0281 0232 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:31:53.0281 0232 Srv - ok
13:31:53.0359 0232 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:31:53.0390 0232 SSDPSRV - ok
13:31:53.0562 0232 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:31:53.0718 0232 stisvc - ok
13:31:53.0812 0232 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:31:53.0812 0232 swenum - ok
13:31:53.0906 0232 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:31:53.0906 0232 swmidi - ok
13:31:53.0921 0232 SwPrv - ok
13:31:54.0000 0232 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
13:31:54.0000 0232 symc810 - ok
13:31:54.0046 0232 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
13:31:54.0046 0232 symc8xx - ok
13:31:54.0109 0232 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
13:31:54.0109 0232 sym_hi - ok
13:31:54.0156 0232 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
13:31:54.0156 0232 sym_u3 - ok
13:31:54.0234 0232 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:31:54.0234 0232 sysaudio - ok
13:31:54.0343 0232 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:31:54.0390 0232 SysmonLog - ok
13:31:54.0531 0232 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:31:54.0609 0232 TapiSrv - ok
13:31:54.0796 0232 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:31:54.0796 0232 Tcpip - ok
13:31:54.0875 0232 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:31:54.0875 0232 TDPIPE - ok
13:31:54.0921 0232 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:31:54.0921 0232 TDTCP - ok
13:31:54.0984 0232 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:31:54.0984 0232 TermDD - ok
13:31:55.0125 0232 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
13:31:55.0125 0232 TermService - ok
13:31:55.0218 0232 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
13:31:55.0218 0232 Themes - ok
13:31:55.0281 0232 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
13:31:55.0281 0232 TosIde - ok
13:31:55.0375 0232 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:31:55.0406 0232 TrkWks - ok
13:31:55.0500 0232 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:31:55.0515 0232 Udfs - ok
13:31:55.0578 0232 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
13:31:55.0578 0232 ultra - ok
13:31:55.0765 0232 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:31:55.0765 0232 Update - ok
13:31:55.0890 0232 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:31:55.0953 0232 upnphost - ok
13:31:56.0015 0232 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
13:31:56.0015 0232 UPS - ok
13:31:56.0078 0232 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:31:56.0078 0232 usbccgp - ok
13:31:56.0156 0232 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:31:56.0156 0232 usbehci - ok
13:31:56.0218 0232 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:31:56.0218 0232 usbhub - ok
13:31:56.0281 0232 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:31:56.0296 0232 usbprint - ok
13:31:56.0375 0232 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:31:56.0375 0232 usbscan - ok
13:31:56.0453 0232 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:31:56.0453 0232 USBSTOR - ok
13:31:56.0515 0232 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:31:56.0515 0232 usbuhci - ok
13:31:56.0609 0232 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:31:56.0609 0232 VgaSave - ok
13:31:56.0687 0232 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
13:31:56.0703 0232 viaagp - ok
13:31:56.0734 0232 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
13:31:56.0734 0232 ViaIde - ok
13:31:56.0828 0232 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:31:56.0828 0232 VolSnap - ok
13:31:56.0984 0232 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
13:31:57.0093 0232 VSS - ok
13:31:57.0218 0232 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
13:31:57.0281 0232 w32time - ok
13:31:57.0343 0232 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:31:57.0343 0232 Wanarp - ok
13:31:57.0375 0232 wanatw - ok
13:31:57.0406 0232 WDICA - ok
13:31:57.0515 0232 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:31:57.0515 0232 wdmaud - ok
13:31:57.0578 0232 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:31:57.0609 0232 WebClient - ok
13:31:57.0859 0232 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
13:31:57.0875 0232 winachsf - ok
13:31:58.0031 0232 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:31:58.0046 0232 winmgmt - ok
13:31:58.0171 0232 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:31:58.0171 0232 WmdmPmSN - ok
13:31:58.0296 0232 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:31:58.0312 0232 WmiApSrv - ok
13:31:58.0687 0232 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:31:59.0015 0232 WMPNetworkSvc - ok
13:31:59.0109 0232 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:31:59.0109 0232 WpdUsb - ok
13:31:59.0171 0232 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:31:59.0171 0232 WS2IFSL - ok
13:31:59.0250 0232 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:31:59.0281 0232 wscsvc - ok
13:31:59.0343 0232 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:31:59.0343 0232 wuauserv - ok
13:31:59.0437 0232 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:31:59.0437 0232 WudfPf - ok
13:31:59.0531 0232 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:31:59.0531 0232 WudfRd - ok
13:31:59.0609 0232 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:31:59.0625 0232 WudfSvc - ok
13:31:59.0843 0232 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:32:00.0015 0232 WZCSVC - ok
13:32:00.0109 0232 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:32:00.0125 0232 xmlprov - ok
13:32:00.0140 0232 ================ Scan global ===============================
13:32:00.0234 0232 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
13:32:00.0375 0232 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:32:00.0593 0232 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:32:00.0671 0232 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
13:32:00.0671 0232 [Global] - ok
13:32:00.0687 0232 ================ Scan MBR ==================================
13:32:00.0750 0232 [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
13:32:01.0421 0232 \Device\Harddisk0\DR0 - ok
13:32:01.0437 0232 ================ Scan VBR ==================================
13:32:01.0515 0232 [ AA9A0B9AAE416C1037D3D9C104C9A81C ] \Device\Harddisk0\DR0\Partition1
13:32:01.0531 0232 \Device\Harddisk0\DR0\Partition1 - ok
13:32:01.0593 0232 [ 0DFE86AC683595BC71C5549997C79252 ] \Device\Harddisk0\DR0\Partition2
13:32:01.0593 0232 \Device\Harddisk0\DR0\Partition2 - ok
13:32:01.0609 0232 ============================================================
13:32:01.0609 0232 Scan finished
13:32:01.0609 0232 ============================================================
13:32:01.0656 1660 Detected object count: 0
13:32:01.0656 1660 Actual detected object count: 0
14:27:22.0140 1652 Deinitialize success


# AdwCleaner v2.008 - Logfile created 11/22/2012 at 15:03:07
# Updated 17/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jodi - D7C1CCB1
# Boot Mode : Safe mode with networking
# Running from : C:\Documents and Settings\Jodi\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKU\S-1-5-21-2530500631-1501206697-2641868570-1006\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-GB)

Profile name : default
File : C:\Documents and Settings\Jodi\Application Data\Mozilla\Firefox\Profiles\0dgnvtoz.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1110 octets] - [22/11/2012 15:03:07]

########## EOF - C:\AdwCleaner[R1].txt - [1170 octets] ##########


****ESET found nothing


MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Jodi (administrator) on 22-11-2012 at 19:00:36
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : D7C1CCB1

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-16-76-97-B8-75

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.100

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.1

Lease Obtained. . . . . . . . . . : Thursday, November 22, 2012 6:05:14 PM

Lease Expires . . . . . . . . . . : Thursday, November 22, 2012 9:05:14 PM

Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 74.125.228.0, 74.125.228.1, 74.125.228.2, 74.125.228.3
74.125.228.4, 74.125.228.5, 74.125.228.6, 74.125.228.7, 74.125.228.8
74.125.228.9, 74.125.228.14



Pinging google.com [74.125.228.3] with 32 bytes of data:



Reply from 74.125.228.3: bytes=32 time=42ms TTL=55

Reply from 74.125.228.3: bytes=32 time=42ms TTL=55



Ping statistics for 74.125.228.3:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 42ms, Maximum = 42ms, Average = 42ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24, 98.138.253.109, 72.30.38.140



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=150ms TTL=49

Reply from 98.139.183.24: bytes=32 time=73ms TTL=50



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 73ms, Maximum = 150ms, Average = 111ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 76 97 b8 75 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.100 192.168.0.100 20
192.168.0.100 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.100 192.168.0.100 20
224.0.0.0 240.0.0.0 192.168.0.100 192.168.0.100 20
255.255.255.255 255.255.255.255 192.168.0.100 192.168.0.100 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/22/2012 03:10:18 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (11/22/2012 01:27:57 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (11/22/2012 09:21:02 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (11/22/2012 09:08:23 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1713.5056kb26980231033643finstallx865.1.2600.2.3.0.7680

Error: (11/22/2012 09:08:19 AM) (Source: MsiInstaller) (User: D7C1CCB1)
Description: Product: Microsoft .NET Framework 1.1 - Update '{8F736E10-8E5C-4399-A532-D0C00A406227}' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Jodi\LOCALS~1\Temp\NDP1.1sp1-KB2698023-X86\NDP1.1sp1-KB2698023-X86-msi.0.log.

Error: (11/22/2012 09:08:15 AM) (Source: MsiInstaller) (User: D7C1CCB1)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.

Error: (11/22/2012 08:01:57 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1713.5056kb26980231033643finstallx865.1.2600.2.3.0.7680

Error: (11/22/2012 08:01:54 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 - Update '{8F736E10-8E5C-4399-A532-D0C00A406227}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2698023-X86\NDP1.1sp1-KB2698023-X86-msi.0.log.

Error: (11/22/2012 08:01:50 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.

Error: (11/21/2012 08:01:53 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1713.5056kb26980231033643finstallx865.1.2600.2.3.0.7680


System errors:
=============
Error: (11/22/2012 03:06:29 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
Lbd
MpFilter
SASDIFSV
SASKUTIL
SBRE

Error: (11/22/2012 03:06:22 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/22/2012 03:03:57 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/22/2012 01:29:18 PM) (Source: DCOM) (User: D7C1CCB1)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (11/22/2012 01:29:17 PM) (Source: DCOM) (User: D7C1CCB1)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (11/22/2012 11:23:26 AM) (Source: DCOM) (User: D7C1CCB1)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (11/22/2012 11:23:02 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
Lbd
MpFilter
SASDIFSV
SASKUTIL
SBRE

Error: (11/22/2012 11:22:50 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/22/2012 11:20:27 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/22/2012 11:18:56 AM) (Source: DCOM) (User: D7C1CCB1)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}


Microsoft Office Sessions:
=========================
Error: (11/22/2012 03:10:18 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (11/22/2012 01:27:57 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (11/22/2012 09:21:02 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (11/22/2012 09:08:23 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1713.5056kb26980231033643finstallx865.1.2600.2.3.0.7680

Error: (11/22/2012 09:08:19 AM) (Source: MsiInstaller)(User: D7C1CCB1)
Description: Microsoft .NET Framework 1.1{8F736E10-8E5C-4399-A532-D0C00A406227}1603C:\DOCUME~1\Jodi\LOCALS~1\Temp\NDP1.1sp1-KB2698023-X86\NDP1.1sp1-KB2698023-X86-msi.0.log

Error: (11/22/2012 09:08:15 AM) (Source: MsiInstaller)(User: D7C1CCB1)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.(NULL)(NULL)(NULL)

Error: (11/22/2012 08:01:57 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1713.5056kb26980231033643finstallx865.1.2600.2.3.0.7680

Error: (11/22/2012 08:01:54 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft .NET Framework 1.1{8F736E10-8E5C-4399-A532-D0C00A406227}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2698023-X86\NDP1.1sp1-KB2698023-X86-msi.0.log

Error: (11/22/2012 08:01:50 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.(NULL)(NULL)(NULL)

Error: (11/21/2012 08:01:53 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1713.5056kb26980231033643finstallx865.1.2600.2.3.0.7680


=========================== Installed Programs ============================

924PLC32 (Version: 1.0.0)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.41612)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe AIR (Version: 2.0.4.13090)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.7.637)
Adobe® Photoshop® Album Starter Edition 3.0 (Version: 3.00.000)
Angry Birds Rio (Version: 1.4.4)
AOLIcon (Version: 1.00.0000)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
Awakening: Moonfell Wood
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant D850 56K V.9x DFVc Modem
Critical Update for Windows Media Player 11 (KB959772)
Data Lifeguard Diagnostic for Windows 1.24
Dell Digital Jukebox Driver
Dell Driver Download Manager - 1 (Version: 3.0.0.0)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Support Center (Support Software) (Version: 2.2.09085)
Dell System Restore (Version: 2.00.0000)
DellSupport (Version: 6.0.3062)
Digital Content Portal (Version: 1.00.0000)
Digital Line Detect (Version: 1.10)
Documentation & Support Launcher (Version: 1.00.0000)
Dream Chronicles
Dream Chronicles ™ 2: The Eternal Maze
Dream Chronicles: The Book of Air
Dream Chronicles: The Book of Water
Dream Chronicles: The Chosen Child
ELIcon (Version: 1.00.0000)
ESET Online Scanner v3
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.123)
Hodgepodge Hollow
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
iTunes (Version: 10.7.0.21)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
LeapFrog Connect (Version: 4.0.33.15045)
LeapFrog Didj Plugin (Version: 4.0.33.15045)
Learn2 Player (Uninstall Only)
Lexmark 2600 Series
LiveUpdate 2.6 (Symantec Corporation) (Version: 2.6.14.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MCU (Version: 1.00.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Modem Helper (Version: 2.40)
Mozilla Firefox 16.0.2 (x86 en-GB) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetWaiting (Version: 2.5.12)
Philips Songbird (Version: 2.5.6 Build: 5.6.2119)
QuickTime (Version: 7.73.80.64)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.94 (Version: 1.94)
Richard Scarry's Best Reading Program
Roxio DLA (Version: 5.2.0)
Roxio RecordNow Audio (Version: 2.0.4)
Roxio RecordNow Copy (Version: 2.0.4)
Roxio RecordNow Data (Version: 2.0.4)
Search Assist (Version: 1.00.0000)
Sonic Activation Module (Version: 1.0)
Sonic Update Manager (Version: 3.0.0)
SoundMAX (Version: 5.12.01.7000)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.6 (Version: 4.6.0)
SUPERAntiSpyware Free Edition (Version: 3.9.0.1008)
swMSM (Version: 12.0.0.1)
System Requirements Lab for Intel (Version: 4.5.3.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
URL Assistant
Use the entry named LeapFrog Connect to uninstall (LeapFrog Didj Plugin)
Virtools 3D Life Player (Version: 4.0.0.x)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Wandering Willows
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol (Version: 19.3.2010.5)
Xiph QuickTime Components

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 1021.98 MB
Available physical RAM: 658.62 MB
Total Pagefile: 1311.62 MB
Available Pagefile: 1157.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.05 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:52.7 GB) (Free:35.18 GB) NTFS
2 Drive d: (Backup) (Fixed) (Total:18.61 GB) (Free:18.54 GB) NTFS
3 Drive e: (Pics) (CDROM) (Total:0.05 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\D7C1CCB1

Administrator Guest HelpAssistant
Jodi SUPPORT_388945a0


**** End of log ****

#4 boopme


Posted 22 November 2012 - 10:25 PM

OK, no trojans there. Let's do 2 more. Tell me if MSE is still barking.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#5 tide_belle


Posted 23 November 2012 - 10:42 AM

boopme,
The warning came from SuperAnti Spyware and it found a trojan in JRT.exe. I'm guessing that is the Junkware Removal Tool? Should I continue with the download of JRT?

#6 boopme


Posted 23 November 2012 - 11:23 AM

Yes, it is our tool. We made it here at BC. SAS did its job and reported it, that's good. I need to notify them so they can pass on it in the future.

#7 tide_belle


Posted 23 November 2012 - 12:18 PM

Here is JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.4.8 (11.22.2012)
OS: Microsoft Windows XP x86
Ran by Jodi on Fri 11/23/2012 at 11:00:10.32
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Documents and Settings\Jodi\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 11/23/2012 at 11:06:00.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


MBAM ran with nothing found.

What is it that JRT deleted?

#8 boopme


Posted 23 November 2012 - 12:50 PM

Hi, this is an add-on in Firefox. Removed as it contained a tracking script, probably to Facebook.

No trojans. How is it running now, as it appears clean?

#9 tide_belle


Posted 23 November 2012 - 01:53 PM

I restarted computer in normal mode and two things happened that normally do not happen.
Spybot SD started scanning my computer and then AdwCleaner pulled up the log from yesterday in notepad.
Microsoft Automatic updates notification came up and with me not trusting anything I went directly to the site to try and download the update, but installation failed.

So far no doubles of any tasks running. :thumbup2:

So far so good, if I can get my updates to install!

Edited by tide_belle, 23 November 2012 - 01:55 PM.


#10 boopme


Posted 23 November 2012 - 02:04 PM

These may be a result of Spybot's TeaTimer app if running; it monitors registry activity. Sometimes it will stop changes. Do you run it?

#11 tide_belle


Posted 23 November 2012 - 02:17 PM

Actually, yes I do, but apparently it doesn't do its job as it hasn't stopped changes in the past. I turned off TeaTimer and the updates still will not load, I'm very suspicious of it now.

Edited by tide_belle, 23 November 2012 - 02:33 PM.


#12 boopme


Posted 23 November 2012 - 02:36 PM

Let's disable it and try updating ...
We need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Mode > Advanced Mode.
  • You may be presented with a warning dialog. If so, click Yes
  • Click on Tools and then Resident
  • Uncheck this checkbox: "Resident TeaTimer (protection of over-all system settings) active"
  • Close/Exit Spybot Search and Destroy


#13 tide_belle


Posted 23 November 2012 - 02:47 PM

Okay, it's disabled.

#14 boopme


Posted 23 November 2012 - 03:11 PM

Can Windows do that update?

#15 tide_belle


Posted 23 November 2012 - 04:49 PM

Error Code: 0x643 is the error I am receiving even from the Microsoft website.
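
Added example, not part of the original thread or written by any poster: a short triage script that ties the reported update error 0x643 to the MsiInstaller entries in the event-log excerpt posted earlier, since 0x643 is decimal 1603, the Windows Installer code for "Fatal error during installation". The function names are hypothetical, and it assumes the flattened MsiInstaller description reads as product name, product GUID, return code, then log path, which is how the entry on this page is laid out.

```python
import re

# Entries copied from the event-log excerpt earlier in this thread.
SAMPLE_LOG = r"""Error: (11/22/2012 08:01:54 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft .NET Framework 1.1{8F736E10-8E5C-4399-A532-D0C00A406227}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2698023-X86\NDP1.1sp1-KB2698023-X86-msi.0.log

Error: (11/22/2012 08:01:50 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.(NULL)(NULL)(NULL)

Error: (11/21/2012 08:01:53 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1713.5056kb26980231033643finstallx865.1.2600.2.3.0.7680
"""

# One log entry: header line followed by its Description line.
ENTRY = re.compile(
    r"^Error: \((?P<when>[^)]+)\) \(Source: (?P<source>[^)]*)\)"
    r"\(User: (?P<user>[^)]*)\)\nDescription: (?P<desc>.*)$", re.M)

# Assumed layout of a flattened MsiInstaller result: product{GUID}<code><log path>.
MSI_RESULT = re.compile(
    r"^(?P<product>.+?)(?P<guid>\{[0-9A-Fa-f-]{36}\})"
    r"(?P<code>\d+)(?P<log>[A-Za-z]:\\.*)$")


def win32_code(reported):
    """Turn a reported hex code (0x643 or HRESULT 0x80070643) into the Win32 code."""
    value = int(reported, 16)
    if value >> 16 == 0x8007:      # HRESULT with FACILITY_WIN32: low 16 bits
        value &= 0xFFFF
    return value


def correlate(log_text, reported):
    """Return MsiInstaller entries whose return code equals the reported error."""
    wanted = win32_code(reported)
    hits = []
    for entry in ENTRY.finditer(log_text):
        if entry["source"] != "MsiInstaller":
            continue
        result = MSI_RESULT.match(entry["desc"])
        if not result or int(result["code"]) != wanted:
            continue
        kb = re.search(r"KB\d+", result["log"])
        hits.append({"when": entry["when"], "product": result["product"],
                     "code": wanted, "kb": kb.group(0) if kb else None,
                     "msi_log": result["log"]})
    return hits


if __name__ == "__main__":
    for hit in correlate(SAMPLE_LOG, "0x643"):
        print(hit)
```

The single match points at the verbose MSI log named in the entry, which is the file to read next for the failing action.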



