
Computer is down to a crawl


5 replies to this topic

#1 Seriously Infected


Posted 03 January 2013 - 09:48 PM

Let me start by saying that keeping my computer finely tuned and running well is not what I would describe as my strong suit and I am looking for some help please...

Recently my computer has slowed down significantly, I have tried a lot of "self help fixes", cleaned up the hard drive as best I can, run Norton and Malware but not really seeing good results. These days the computer takes about 10 minutes to boot up and stuff takes forever to open.

Please Help because I am out of my league right now

Cheers

Rich



#2 boopme


Posted 03 January 2013 - 10:41 PM

Hello Rich,


Let's try some scans and see what we can see.

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Let's see what's here and what to do next.

#3 Seriously Infected


Posted 04 January 2013 - 05:53 AM

Great, thanks so much for the help, here are the results:

1. MiniToolBox
MiniToolBox by Farbar Version: 25-11-2012
Ran by Kenmuir Family (administrator) on 03-01-2013 at 22:11:11
Running from "C:\Documents and Settings\Kenmuir Family\desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : kenmuir-accc0d8
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
Physical Address. . . . . . . . . : 00-1A-A0-9B-02-93
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Thursday, January 03, 2013 6:10:23 PM
Lease Expires . . . . . . . . . . : Friday, January 04, 2013 6:10:23 PM

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.134.138, 74.125.134.102, 74.125.134.113, 74.125.134.101
74.125.134.139, 74.125.134.100

Pinging google.com [74.125.140.139] with 32 bytes of data:

Reply from 74.125.140.139: bytes=32 time=19ms TTL=48
Reply from 74.125.140.139: bytes=32 time=20ms TTL=48

Ping statistics for 74.125.140.139:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 20ms, Average = 19ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=112ms TTL=50
Reply from 72.30.38.140: bytes=32 time=101ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 101ms, Maximum = 112ms, Average = 106ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1a a0 9b 02 93 ...... Intel® 82562V-2 10/100 Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.4 192.168.1.4 20
192.168.1.0 255.255.255.0 192.168.1.4 192.168.1.4 20
192.168.1.4 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.4 192.168.1.4 20
224.0.0.0 240.0.0.0 192.168.1.4 192.168.1.4 20
255.255.255.255 255.255.255.255 192.168.1.4 192.168.1.4 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/24/2012 04:26:28 PM) (Source: Application Error) (User: )
Description: Faulting application itunes.exe, version 10.7.0.21, faulting module corefoundation.dll, version 1.630.17.0, fault address 0x0004bdcb.
Processing media-specific event for [itunes.exe!ws!]

Error: (12/16/2012 06:13:39 PM) (Source: Application Error) (User: )
Description: Faulting application photop~1.exe, version 1.0.0.11, faulting module serifgdiu.dll, version 12.0.2.11, fault address 0x000ae104.
Processing media-specific event for [photop~1.exe!ws!]

Error: (12/14/2012 11:19:24 AM) (Source: Application Error) (User: )
Description: Faulting application rnupgagent.exe, version 10.0.0.102, faulting module rnupgagent.exe, version 10.0.0.102, fault address 0x00008fe0.
Processing media-specific event for [rnupgagent.exe!ws!]


System errors:
=============
Error: (01/01/2013 06:11:42 PM) (Source: Service Control Manager) (User: )
Description: The HID Input Service service terminated with the following error:
%%126

Error: (01/01/2013 06:11:42 PM) (Source: Service Control Manager) (User: )
Description: The Zune Bus Enumerator Driver service failed to start due to the following error:
%%2

Error: (01/01/2013 06:03:40 PM) (Source: Service Control Manager) (User: )
Description: The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).

Error: (12/29/2012 08:17:24 PM) (Source: Service Control Manager) (User: )
Description: The HID Input Service service terminated with the following error:
%%126

Error: (12/29/2012 08:17:24 PM) (Source: Service Control Manager) (User: )
Description: The Zune Bus Enumerator Driver service failed to start due to the following error:
%%2

Error: (12/29/2012 08:16:02 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.5 for the Network Card with network address 001AA09B0293 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (12/24/2012 02:34:30 PM) (Source: Print) (User: KENMUIR-ACCC0D8)
Description: The document Kenmuir.pdf owned by Kenmuir Family failed to print on printer HP Deskjet 3050 J610 series (Network). Data type: NT EMF 1.008. Size of the spool file in bytes: 1507328. Number of bytes printed: 0. Total number of pages in the document: 3. Number of pages printed: 0. Client machine: \\KENMUIR-ACCC0D8. Win32 error code returned by the print processor: Kenmuir.pdf0. Kenmuir.pdf1

Error: (12/23/2012 02:26:55 PM) (Source: Service Control Manager) (User: )
Description: The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).

Error: (12/21/2012 05:58:00 AM) (Source: Service Control Manager) (User: )
Description: The HID Input Service service terminated with the following error:
%%126

Error: (12/21/2012 05:58:00 AM) (Source: Service Control Manager) (User: )
Description: The Zune Bus Enumerator Driver service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Advanced SystemCare 5 (Version: 5.2.0)
Advertising Center (Version: 0.0.0.1)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.24)
CDBurnerXP (Version: 4.3.8.2631)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CutePDF Writer 2.8
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.08)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Resource CD (Version: 1.00.0000)
DivX Setup (Version: 2.1.2.2)
DolbyFiles (Version: 0.1)
Glary Utilities 2.41.0.1358 (Version: 2.41.0.1358)
Google Chrome (Version: 23.0.1271.97)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Deskjet 3050 J610 series Basic Device Software (Version: 22.0.334.0)
HP Deskjet 3050 J610 series Help (Version: 140.0.63.63)
HP Update (Version: 5.002.005.003)
ImagXpress (Version: 7.0.74.0)
Intel® PRO Network Connections 12.1.12.0 (Version: )
InterVideo XPack (DVD Only) (Version: 5.0-B11.997)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
K-Lite Codec Pack 8.7.0 (Basic) (Version: 8.7.0)
LinkedIn Outlook Connector (Version: 1.1.10.0)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Menu Templates - Starter Kit (Version: 9.4.2.0)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 SP1 with KB886903 Hotfix (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Communicator Web Access Installer (Version: 1.0.0.0)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Facebook 32-bit (Version: 14.0.5117.5000)
Microsoft Silverlight (Version: 5.1.10516.0)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ Run Time Lib Setup (Version: 1.0.0)
Microsoft WinUsb 1.0
Movie Templates - Starter Kit (Version: 9.4.2.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.4.9.100)
Nero CoverDesigner Help (Version: 4.4.9.100)
Nero DiscSpeed (Version: 5.4.11.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.11.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.6.2.101)
Nero InfoTool (Version: 6.4.11.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero ShowTime (Version: 5.4.0.100)
Nero ShowTime (Version: 5.4.13.100)
Nero StartSmart (Version: 9.4.12.100)
Nero StartSmart Help (Version: 9.4.12.100)
Nero Vision (Version: 6.4.12.100)
Nero Vision Help (Version: 6.4.8.100)
NeroExpress (Version: 9.4.17.100)
Norton Security Scan (Version: 2.7.3.34)
Norton Security Suite (Version: 4.4.0.12)
NVIDIA Drivers
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 5.10.0.5408)
RealUpgrade 1.1 (Version: 1.1.0)
Screen+ 1.0
Serif PhotoPlus SE PRO (Version: 1.0.0.011)
Skype™ 5.10 (Version: 5.10.116)
swMSM (Version: 12.0.0.1)
TI-83 Plus Flash Debugger
TI Connect 1.6 (Version: 1.6)
TomTom HOME (Version: 2.9.2)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Web Optimizer (Version: 2.0.0.2)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 3070.1 MB
Available physical RAM: 2271.11 MB
Total Pagefile: 5979.03 MB
Available Pagefile: 4928.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1979.2 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.82 GB) (Free:175.29 GB) NTFS
4 Drive g: (OneTouch4 Plus) (Fixed) (Total:931.51 GB) (Free:374.83 GB) NTFS

========================= Users: ========================================

User accounts for \\KENMUIR-ACCC0D8

Administrator ASPNET Guest
HelpAssistant Kenmuir Family SUPPORT_388945a0


**** End of log ****


2. Rkill by Grinler

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/03/2013 10:13:41 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

* HidServ => %SystemRoot%\System32\hidserv.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/03/2013 10:14:36 PM
Execution time: 0 hours(s), 0 minute(s), and 54 seconds(s)


3. TDSSkiller

22:15:44.0715 3700 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:15:45.0668 3700 ============================================================
22:15:45.0668 3700 Current date / time: 2013/01/03 22:15:45.0668
22:15:45.0668 3700 SystemInfo:
22:15:45.0668 3700
22:15:45.0668 3700 OS Version: 5.1.2600 ServicePack: 3.0
22:15:45.0668 3700 Product type: Workstation
22:15:45.0668 3700 ComputerName: KENMUIR-ACCC0D8
22:15:45.0668 3700 UserName: Kenmuir Family
22:15:45.0668 3700 Windows directory: C:\WINDOWS
22:15:45.0668 3700 System windows directory: C:\WINDOWS
22:15:45.0668 3700 Processor architecture: Intel x86
22:15:45.0668 3700 Number of processors: 2
22:15:45.0668 3700 Page size: 0x1000
22:15:45.0668 3700 Boot type: Normal boot
22:15:45.0668 3700 ============================================================
22:15:47.0605 3700 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:15:47.0605 3700 Drive \Device\Harddisk1\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:15:47.0605 3700 ============================================================
22:15:47.0605 3700 \Device\Harddisk0\DR0:
22:15:47.0605 3700 MBR partitions:
22:15:47.0605 3700 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1A4F3A
22:15:47.0605 3700 \Device\Harddisk1\DR2:
22:15:47.0605 3700 MBR partitions:
22:15:47.0605 3700 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
22:15:47.0605 3700 ============================================================
22:15:47.0652 3700 C: <-> \Device\Harddisk0\DR0\Partition1
22:15:47.0699 3700 G: <-> \Device\Harddisk1\DR2\Partition1
22:15:47.0699 3700 ============================================================
22:15:47.0699 3700 Initialize success
22:15:47.0699 3700 ============================================================
22:15:50.0637 4348 ============================================================
22:15:50.0637 4348 Scan started
22:15:50.0637 4348 Mode: Manual;
22:15:50.0637 4348 ============================================================
22:15:51.0855 4348 ================ Scan system memory ========================
22:15:54.0762 4348 System memory - ok
22:15:54.0762 4348 ================ Scan services =============================
22:15:57.0730 4348 drmkaud - ok
22:15:57.0730 4348 dwshd - ok
22:15:57.0793 4348 [ 34AAA3B298A852B3663E6E0D94D12945 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
22:15:57.0793 4348 e1express - ok
22:15:57.0840 4348 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
22:15:57.0840 4348 EapHost - ok
22:15:57.0887 4348 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
22:15:57.0949 4348 eeCtrl - ok
22:15:57.0980 4348 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilDrv11220 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys
22:15:57.0980 4348 EraserUtilDrv11220 - ok
22:15:58.0012 4348 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
22:15:58.0027 4348 ERSvc - ok
22:15:58.0074 4348 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
22:15:58.0074 4348 Eventlog - ok
22:15:58.0121 4348 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
22:15:58.0121 4348 EventSystem - ok
22:15:58.0137 4348 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
22:15:58.0137 4348 Fastfat - ok
22:15:58.0199 4348 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:15:58.0199 4348 FastUserSwitchingCompatibility - ok
22:15:58.0246 4348 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
22:15:58.0293 4348 Fax - ok
22:15:58.0324 4348 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
22:15:58.0324 4348 Fdc - ok
22:15:58.0340 4348 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
22:15:58.0340 4348 Fips - ok
22:15:58.0355 4348 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
22:15:58.0355 4348 Flpydisk - ok
22:15:58.0418 4348 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
22:15:58.0418 4348 FltMgr - ok
22:15:58.0480 4348 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:15:58.0480 4348 FontCache3.0.0.0 - ok
22:15:58.0496 4348 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:15:58.0496 4348 Fs_Rec - ok
22:15:58.0512 4348 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:15:58.0512 4348 Ftdisk - ok
22:15:58.0574 4348 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:15:58.0574 4348 GEARAspiWDM - ok
22:15:58.0637 4348 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:15:58.0637 4348 Gpc - ok
22:15:58.0746 4348 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
22:15:58.0746 4348 gupdate - ok
22:15:58.0746 4348 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
22:15:58.0746 4348 gupdatem - ok
22:15:58.0793 4348 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:15:58.0793 4348 HDAudBus - ok
22:15:58.0902 4348 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:15:58.0902 4348 helpsvc - ok
22:15:58.0933 4348 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
22:15:58.0980 4348 HidServ - ok
22:15:59.0012 4348 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:15:59.0012 4348 hidusb - ok
22:15:59.0043 4348 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
22:15:59.0043 4348 hkmsvc - ok
22:15:59.0058 4348 hpn - ok
22:15:59.0105 4348 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
22:15:59.0105 4348 HTTP - ok
22:15:59.0137 4348 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
22:15:59.0152 4348 HTTPFilter - ok
22:15:59.0152 4348 i2omgmt - ok
22:15:59.0152 4348 i2omp - ok
22:15:59.0183 4348 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
22:15:59.0183 4348 i8042prt - ok
22:15:59.0246 4348 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:15:59.0293 4348 idsvc - ok
22:15:59.0449 4348 [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20130102.001\IDSxpx86.sys
22:15:59.0465 4348 IDSxpx86 - ok
22:15:59.0465 4348 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
22:15:59.0465 4348 Imapi - ok
22:15:59.0496 4348 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
22:15:59.0512 4348 ImapiService - ok
22:15:59.0512 4348 ini910u - ok
22:15:59.0652 4348 [ 17BBBABB21F86B650B2626045A9D016C ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:15:59.0777 4348 IntcAzAudAddService - ok
22:15:59.0777 4348 IntelIde - ok
22:15:59.0840 4348 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:15:59.0840 4348 intelppm - ok
22:15:59.0871 4348 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
22:15:59.0871 4348 Ip6Fw - ok
22:15:59.0902 4348 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:15:59.0902 4348 IpFilterDriver - ok
22:15:59.0949 4348 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:15:59.0949 4348 IpInIp - ok
22:15:59.0980 4348 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:15:59.0980 4348 IpNat - ok
22:16:00.0043 4348 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:16:00.0090 4348 iPod Service - ok
22:16:00.0137 4348 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:16:00.0137 4348 IPSec - ok
22:16:00.0168 4348 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
22:16:00.0168 4348 IRENUM - ok
22:16:00.0199 4348 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:16:00.0199 4348 isapnp - ok
22:16:00.0308 4348 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
22:16:00.0308 4348 JavaQuickStarterService - ok
22:16:00.0371 4348 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:16:00.0371 4348 Kbdclass - ok
22:16:00.0371 4348 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:16:00.0387 4348 kbdhid - ok
22:16:00.0402 4348 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
22:16:00.0402 4348 kmixer - ok
22:16:00.0433 4348 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
22:16:00.0433 4348 KSecDD - ok
22:16:00.0465 4348 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
22:16:00.0465 4348 lanmanserver - ok
22:16:00.0527 4348 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:16:00.0527 4348 lanmanworkstation - ok
22:16:00.0527 4348 lbrtfdc - ok
22:16:00.0590 4348 [ CB5D13966F74D7F000724A907F614193 ] libusb0 C:\WINDOWS\system32\DRIVERS\libusb0.sys
22:16:00.0590 4348 libusb0 - ok
22:16:00.0590 4348 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
22:16:00.0605 4348 LmHosts - ok
22:16:00.0621 4348 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
22:16:00.0621 4348 MarvinBus - ok
22:16:00.0637 4348 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
22:16:00.0637 4348 MBAMProtector - ok
22:16:00.0699 4348 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:16:00.0730 4348 MBAMScheduler - ok
22:16:00.0777 4348 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:16:00.0808 4348 MBAMService - ok
22:16:00.0824 4348 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
22:16:00.0840 4348 Messenger - ok
22:16:00.0855 4348 Microsoft SharePoint Workspace Audit Service - ok
22:16:00.0887 4348 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
22:16:00.0887 4348 mnmdd - ok
22:16:00.0933 4348 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
22:16:00.0933 4348 mnmsrvc - ok
22:16:00.0965 4348 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
22:16:00.0965 4348 Modem - ok
22:16:00.0965 4348 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:16:00.0965 4348 Mouclass - ok
22:16:00.0996 4348 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:16:00.0996 4348 mouhid - ok
22:16:01.0012 4348 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
22:16:01.0012 4348 MountMgr - ok
22:16:01.0012 4348 mraid35x - ok
22:16:01.0043 4348 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:16:01.0043 4348 MRxDAV - ok
22:16:01.0121 4348 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:16:01.0121 4348 MRxSmb - ok
22:16:01.0152 4348 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
22:16:01.0168 4348 MSDTC - ok
22:16:01.0183 4348 [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV C:\WINDOWS\system32\DRIVERS\msdv.sys
22:16:01.0183 4348 MSDV - ok
22:16:01.0215 4348 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
22:16:01.0215 4348 Msfs - ok
22:16:01.0230 4348 MSIServer - ok
22:16:01.0262 4348 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:16:01.0262 4348 MSKSSRV - ok
22:16:01.0277 4348 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:16:01.0277 4348 MSPCLOCK - ok
22:16:01.0293 4348 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
22:16:01.0293 4348 MSPQM - ok
22:16:01.0324 4348 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:16:01.0324 4348 mssmbios - ok
22:16:01.0355 4348 [ 5C3F9BDF4DB23B75306388FC26A0A8E5 ] MSTAPE C:\WINDOWS\system32\DRIVERS\mstape.sys
22:16:01.0371 4348 MSTAPE - ok
22:16:01.0371 4348 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
22:16:01.0371 4348 MSTEE - ok
22:16:01.0387 4348 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
22:16:01.0387 4348 Mup - ok
22:16:01.0496 4348 [ B4187346F54E362DAFFE647B25A58D50 ] N360 C:\Program Files\Norton Security Suite\Engine\4.4.0.12\ccSvcHst.exe
22:16:01.0496 4348 N360 - ok
22:16:01.0527 4348 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:16:01.0527 4348 NABTSFEC - ok
22:16:01.0543 4348 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
22:16:01.0558 4348 napagent - ok
22:16:01.0652 4348 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20130102.016\NAVENG.SYS
22:16:01.0652 4348 NAVENG - ok
22:16:01.0730 4348 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20130102.016\NAVEX15.SYS
22:16:01.0777 4348 NAVEX15 - ok
22:16:01.0808 4348 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
22:16:01.0808 4348 NDIS - ok
22:16:01.0855 4348 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:16:01.0855 4348 NdisIP - ok
22:16:01.0902 4348 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:16:01.0902 4348 NdisTapi - ok
22:16:01.0949 4348 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:16:01.0965 4348 Ndisuio - ok
22:16:01.0965 4348 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:16:01.0965 4348 NdisWan - ok
22:16:02.0012 4348 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
22:16:02.0012 4348 NDProxy - ok
22:16:02.0027 4348 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
22:16:02.0027 4348 NetBIOS - ok
22:16:02.0090 4348 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
22:16:02.0090 4348 NetBT - ok
22:16:02.0137 4348 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
22:16:02.0137 4348 NetDDE - ok
22:16:02.0137 4348 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
22:16:02.0137 4348 NetDDEdsdm - ok
22:16:02.0168 4348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
22:16:02.0168 4348 Netlogon - ok
22:16:02.0230 4348 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
22:16:02.0246 4348 Netman - ok
22:16:02.0277 4348 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:16:02.0277 4348 NetTcpPortSharing - ok
22:16:02.0308 4348 [ 5EF7DD401771693245D46F4B0B69FE2B ] NetworkX C:\WINDOWS\system32\ckldrv.sys
22:16:02.0324 4348 NetworkX - ok
22:16:02.0324 4348 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:16:02.0324 4348 NIC1394 - ok
22:16:02.0387 4348 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
22:16:02.0402 4348 Nla - ok
22:16:02.0480 4348 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess C:\Program Files\CDBurnerXP\NMSAccessU.exe
22:16:02.0480 4348 NMSAccess - ok
22:16:02.0480 4348 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
22:16:02.0480 4348 Npfs - ok
22:16:02.0543 4348 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
22:16:02.0543 4348 Ntfs - ok
22:16:02.0543 4348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
22:16:02.0543 4348 NtLmSsp - ok
22:16:02.0590 4348 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
22:16:02.0590 4348 NtmsSvc - ok
22:16:02.0621 4348 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
22:16:02.0621 4348 Null - ok
22:16:02.0808 4348 [ 5950E6CC9FB3FABB61604D395DBC8550 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:16:02.0933 4348 nv - ok
22:16:02.0980 4348 [ 9FE764D5EECCA13B0932FAB81A4A5A6F ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
22:16:02.0980 4348 NVSvc - ok
22:16:03.0027 4348 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:16:03.0027 4348 NwlnkFlt - ok
22:16:03.0027 4348 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:16:03.0027 4348 NwlnkFwd - ok
22:16:03.0043 4348 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:16:03.0043 4348 ohci1394 - ok
22:16:03.0121 4348 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:16:03.0121 4348 ose - ok
22:16:03.0277 4348 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:16:03.0402 4348 osppsvc - ok
22:16:03.0433 4348 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
22:16:03.0433 4348 Parport - ok
22:16:03.0433 4348 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
22:16:03.0433 4348 PartMgr - ok
22:16:03.0496 4348 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
22:16:03.0496 4348 ParVdm - ok
22:16:03.0496 4348 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
22:16:03.0496 4348 PCI - ok
22:16:03.0496 4348 PCIDump - ok
22:16:03.0512 4348 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
22:16:03.0512 4348 PCIIde - ok
22:16:03.0543 4348 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
22:16:03.0543 4348 Pcmcia - ok
22:16:03.0543 4348 PDCOMP - ok
22:16:03.0543 4348 PDFRAME - ok
22:16:03.0543 4348 PDRELI - ok
22:16:03.0558 4348 PDRFRAME - ok
22:16:03.0558 4348 perc2 - ok
22:16:03.0558 4348 perc2hib - ok
22:16:03.0605 4348 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
22:16:03.0605 4348 PlugPlay - ok
22:16:03.0621 4348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
22:16:03.0621 4348 PolicyAgent - ok
22:16:03.0621 4348 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:16:03.0637 4348 PptpMiniport - ok
22:16:03.0637 4348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:16:03.0637 4348 ProtectedStorage - ok
22:16:03.0637 4348 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
22:16:03.0637 4348 PSched - ok
22:16:03.0699 4348 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:16:03.0699 4348 Ptilink - ok
22:16:03.0762 4348 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:16:03.0762 4348 PxHelp20 - ok
22:16:03.0762 4348 ql1080 - ok
22:16:03.0762 4348 Ql10wnt - ok
22:16:03.0762 4348 ql12160 - ok
22:16:03.0777 4348 ql1240 - ok
22:16:03.0777 4348 ql1280 - ok
22:16:03.0777 4348 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:16:03.0777 4348 RasAcd - ok
22:16:03.0824 4348 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
22:16:03.0824 4348 RasAuto - ok
22:16:03.0855 4348 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:16:03.0855 4348 Rasl2tp - ok
22:16:03.0902 4348 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
22:16:03.0902 4348 RasMan - ok
22:16:03.0918 4348 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:16:03.0918 4348 RasPppoe - ok
22:16:03.0918 4348 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
22:16:03.0918 4348 Raspti - ok
22:16:03.0949 4348 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:16:03.0949 4348 Rdbss - ok
22:16:03.0996 4348 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:16:03.0996 4348 RDPCDD - ok
22:16:04.0043 4348 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
22:16:04.0043 4348 RDPWD - ok
22:16:04.0074 4348 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
22:16:04.0074 4348 RDSessMgr - ok
22:16:04.0121 4348 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
22:16:04.0121 4348 redbook - ok
22:16:04.0152 4348 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
22:16:04.0168 4348 RemoteAccess - ok
22:16:04.0215 4348 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
22:16:04.0215 4348 RpcLocator - ok
22:16:04.0262 4348 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
22:16:04.0262 4348 RpcSs - ok
22:16:04.0308 4348 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
22:16:04.0308 4348 RSVP - ok
22:16:04.0355 4348 SABProcEnum - ok
22:16:04.0355 4348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
22:16:04.0355 4348 SamSs - ok
22:16:04.0387 4348 [ B244960E5A1DB8E9D5D17086DE37C1E4 ] sbp2port C:\WINDOWS\system32\DRIVERS\sbp2port.sys
22:16:04.0387 4348 sbp2port - ok
22:16:04.0402 4348 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
22:16:04.0402 4348 SCardSvr - ok
22:16:04.0465 4348 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
22:16:04.0465 4348 Schedule - ok
22:16:04.0496 4348 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:16:04.0512 4348 Secdrv - ok
22:16:04.0527 4348 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
22:16:04.0527 4348 seclogon - ok
22:16:04.0558 4348 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
22:16:04.0558 4348 SENS - ok
22:16:04.0621 4348 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
22:16:04.0621 4348 Serial - ok
22:16:04.0637 4348 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
22:16:04.0637 4348 Sfloppy - ok
22:16:04.0668 4348 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
22:16:04.0683 4348 SharedAccess - ok
22:16:04.0699 4348 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:16:04.0699 4348 ShellHWDetection - ok
22:16:04.0699 4348 Simbad - ok
22:16:04.0746 4348 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:16:04.0746 4348 SkypeUpdate - ok
22:16:04.0762 4348 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:16:04.0762 4348 SLIP - ok
22:16:04.0777 4348 Sparrow - ok
22:16:04.0793 4348 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
22:16:04.0793 4348 splitter - ok
22:16:04.0824 4348 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
22:16:04.0824 4348 Spooler - ok
22:16:04.0871 4348 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
22:16:04.0871 4348 sr - ok
22:16:04.0933 4348 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
22:16:04.0933 4348 srservice - ok
22:16:04.0996 4348 [ EC5C3C6260F4019B03DFAA03EC8CBF6A ] SRTSP C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS
22:16:04.0996 4348 SRTSP - ok
22:16:05.0012 4348 [ 55D5C37ED41231E3AC2063D16DF50840 ] SRTSPX C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS
22:16:05.0012 4348 SRTSPX - ok
22:16:05.0074 4348 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
22:16:05.0074 4348 Srv - ok
22:16:05.0137 4348 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
22:16:05.0137 4348 SSDPSRV - ok
22:16:05.0152 4348 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
22:16:05.0152 4348 StarOpen - ok
22:16:05.0199 4348 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
22:16:05.0199 4348 StillCam - ok
22:16:05.0246 4348 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
22:16:05.0262 4348 stisvc - ok
22:16:05.0277 4348 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:16:05.0293 4348 streamip - ok
22:16:05.0293 4348 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
22:16:05.0293 4348 swenum - ok
22:16:05.0340 4348 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
22:16:05.0340 4348 swmidi - ok
22:16:05.0340 4348 SwPrv - ok
22:16:05.0340 4348 symc810 - ok
22:16:05.0355 4348 symc8xx - ok
22:16:05.0402 4348 [ 56890BF9D9204B93042089D4B45AE671 ] SymDS C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMDS.SYS
22:16:05.0418 4348 SymDS - ok
22:16:05.0449 4348 [ 10BA64273FEFF4DF0A7CCB0FF3B9B26B ] SymEFA C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMEFA.SYS
22:16:05.0465 4348 SymEFA - ok
22:16:05.0496 4348 [ 961B48B86F94D4CC8CEB483F8AA89374 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
22:16:05.0512 4348 SymEvent - ok
22:16:05.0574 4348 [ DC80FBF0A348E54853EF82EED4E11E35 ] SymIRON C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS
22:16:05.0574 4348 SymIRON - ok
22:16:05.0590 4348 [ BE6DE8FBF2DF9F13A90B8B6E943871B7 ] SYMTDI C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS
22:16:05.0605 4348 SYMTDI - ok
22:16:05.0605 4348 sym_hi - ok
22:16:05.0621 4348 sym_u3 - ok
22:16:05.0668 4348 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
22:16:05.0668 4348 sysaudio - ok
22:16:05.0699 4348 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
22:16:05.0699 4348 SysmonLog - ok
22:16:05.0730 4348 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
22:16:05.0730 4348 TapiSrv - ok
22:16:05.0777 4348 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:16:05.0777 4348 Tcpip - ok
22:16:05.0824 4348 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
22:16:05.0824 4348 TDPIPE - ok
22:16:05.0840 4348 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
22:16:05.0840 4348 TDTCP - ok
22:16:05.0871 4348 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
22:16:05.0871 4348 TermDD - ok
22:16:05.0902 4348 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
22:16:05.0902 4348 TermService - ok
22:16:05.0918 4348 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
22:16:05.0918 4348 Themes - ok
22:16:05.0965 4348 [ A1124EBC672AA3AE1B327096C1DCC346 ] TIEHDUSB C:\WINDOWS\system32\drivers\tiehdusb.sys
22:16:05.0965 4348 TIEHDUSB - ok
22:16:06.0043 4348 [ 0407143F2BBC1A5DD5B518AC0704FCBF ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
22:16:06.0043 4348 TomTomHOMEService - ok
22:16:06.0058 4348 TosIde - ok
22:16:06.0090 4348 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
22:16:06.0090 4348 TrkWks - ok
22:16:06.0105 4348 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
22:16:06.0105 4348 Udfs - ok
22:16:06.0105 4348 ultra - ok
22:16:06.0152 4348 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
22:16:06.0168 4348 Update - ok
22:16:06.0199 4348 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
22:16:06.0199 4348 upnphost - ok
22:16:06.0215 4348 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
22:16:06.0215 4348 UPS - ok
22:16:06.0293 4348 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
22:16:06.0293 4348 USBAAPL - ok
22:16:06.0308 4348 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:16:06.0308 4348 usbccgp - ok
22:16:06.0324 4348 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:16:06.0324 4348 usbehci - ok
22:16:06.0340 4348 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:16:06.0340 4348 usbhub - ok
22:16:06.0371 4348 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:16:06.0371 4348 usbprint - ok
22:16:06.0387 4348 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:16:06.0387 4348 usbscan - ok
22:16:06.0402 4348 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:16:06.0402 4348 usbstor - ok
22:16:06.0433 4348 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:16:06.0433 4348 usbuhci - ok
22:16:06.0449 4348 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
22:16:06.0449 4348 VgaSave - ok
22:16:06.0449 4348 ViaIde - ok
22:16:08.0496 5660 Detected object count: 0
22:16:08.0496 5660 Actual detected object count: 0


4. AdwCleaner

# AdwCleaner v2.104 - Logfile created 01/03/2013 at 22:20:23
# Updated 29/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Kenmuir Family - KENMUIR-ACCC0D8
# Boot Mode : Normal
# Running from : G:\My Documents\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : WebOptimizer

***** [Files / Folders] *****

File Deleted : C:\user.js
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\Kenmuir Family\Application Data\Toolbar4
Folder Deleted : C:\Documents and Settings\Kenmuir Family\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Kenmuir Family\Local Settings\Application Data\Ilivid
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\WINDOWS\system32\WNLT
Folder Deleted : G:\My Documents\Software

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\TBSB07898
Key Deleted : HKCU\Software\Web Assistant
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\Software\WNLT
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Documents and Settings\Kenmuir Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5942 octets] - [03/01/2013 22:20:23]

########## EOF - C:\AdwCleaner[S1].txt - [6002 octets] ##########

#4 boopme

Posted 04 January 2013 - 10:44 AM

Let's look at rootkits, as there is not much there.

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.



Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs (or Programs and Features in Vista/Windows 7) and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u10-windows-i586.exe (or jre-7u10-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

Similarly, update to Adobe Reader XI
NOTE: Uncheck the box in front of this line.
Yes, install Chrome as my default browser and Google Toolbar for Internet Explorer – optional.

#5 Seriously Infected

Posted 04 January 2013 - 10:00 PM

Hello and thanks again. I tried to update the Java and the Adobe. The Java link did not have a 32 bit OS option and the Adobe did not load due to multiple "script errors" on the page.

Here is the log from aswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-04 18:41:05
-----------------------------
18:41:05.609 OS Version: Windows 5.1.2600 Service Pack 3
18:41:05.609 Number of processors: 2 586 0xF0D
18:41:05.609 ComputerName: KENMUIR-ACCC0D8 UserName: Kenmuir Family
18:41:07.468 Initialize success
18:42:25.937 AVAST engine defs: 13010401
18:42:56.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:42:56.609 Disk 0 Vendor: WDC_WD2500JS-75NCB3 10.02E04 Size: 238418MB BusType: 3
18:42:56.609 Disk 1 \Device\Harddisk1\DR2 -> \Device\Sbp2\Maxtor&OneTouch&0&0010b902_1144ff31_Instance00
18:42:56.609 Disk 1 Vendor: Maxtor 0121 Size: 953869MB BusType: 4
18:42:56.640 Disk 0 MBR read successfully
18:42:56.640 Disk 0 MBR scan
18:42:56.687 Disk 0 Windows XP default MBR code
18:42:56.687 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238409 MB offset 63
18:42:56.687 Disk 0 scanning sectors +488263545
18:42:56.765 Disk 0 scanning C:\WINDOWS\system32\drivers
18:43:12.687 Service scanning
18:43:38.843 Modules scanning
18:43:45.703 Disk 0 trace - called modules:
18:43:45.750 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
18:43:45.750 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad0aab8]
18:43:45.750 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\0000006f[0x8ad37f18]
18:43:45.750 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8accdd18]
18:43:46.218 AVAST engine scan C:\WINDOWS
18:43:53.406 AVAST engine scan C:\WINDOWS\system32
18:48:04.046 AVAST engine scan C:\WINDOWS\system32\drivers
18:48:27.593 AVAST engine scan C:\Documents and Settings\Kenmuir Family
19:08:33.015 AVAST engine scan C:\Documents and Settings\All Users
19:23:01.765 Scan finished successfully
20:45:36.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Kenmuir Family\Desktop\2\MBR.dat"
20:45:36.203 The log file has been saved successfully to "C:\Documents and Settings\Kenmuir Family\Desktop\2\aswMBR.txt"

#6 boopme

Posted 04 January 2013 - 10:46 PM

Hmmm, I think we need a deeper look to see what is here, as it's stopping the updates too. Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.