PC Infected


10 replies to this topic

#1 ProTree500

Posted 13 January 2013 - 06:10 PM

I am fixing a PC for a friend; there was a virus / malware that is still possibly on the PC. Started with Norton 360, which didn't find the infection; Malwarebytes was locking up on the scanning. Finally was able to run Avast and it also didn't find it. I was able to run AdwCleaner; this is the report it came back with after deletion of the infected find.


Currently I am only able to use the Firefox browser; Internet Explorer doesn't work at all.
If I right click on the IE icon on the desktop it shows this in the menu list:
- Browse the Internet
- naom


Not sure what the "naom" is or if it is part of the virus. I also cannot double click anything on the desktop to open.

Any help would be appreciated.

#2 boopme

Posted 13 January 2013 - 07:47 PM

Hello, let's also run these,

TDSS Alt
Please Download TDSSkiller
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.

>>>>

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Junkware Removal Tool
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Now, this should run in FF

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#3 ProTree500

Posted 13 January 2013 - 08:17 PM

Here is the TDS log.

19:14:13.0328 1276 NdisWan - ok
19:14:13.0343 1276 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:14:13.0343 1276 NDProxy - ok
19:14:13.0359 1276 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:14:13.0359 1276 NetBIOS - ok
19:14:13.0375 1276 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:14:13.0375 1276 NetBT - ok
19:14:13.0390 1276 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
19:14:13.0390 1276 NetDDE - ok
19:14:13.0390 1276 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:14:13.0390 1276 NetDDEdsdm - ok
19:14:13.0406 1276 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:14:13.0406 1276 Netlogon - ok
19:14:13.0421 1276 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
19:14:13.0421 1276 Netman - ok
19:14:13.0453 1276 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:13.0468 1276 NetTcpPortSharing - ok
19:14:13.0484 1276 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:14:13.0484 1276 NIC1394 - ok
19:14:13.0515 1276 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
19:14:13.0515 1276 Nla - ok
19:14:13.0531 1276 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:14:13.0531 1276 Npfs - ok
19:14:13.0562 1276 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:14:13.0578 1276 Ntfs - ok
19:14:13.0578 1276 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:14:13.0578 1276 NtLmSsp - ok
19:14:13.0593 1276 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:14:13.0609 1276 NtmsSvc - ok
19:14:13.0609 1276 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:14:13.0609 1276 Null - ok
19:14:13.0828 1276 [ ED9816DBAF6689542EA7D022631906A1 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:14:14.0000 1276 nv - ok
19:14:14.0046 1276 [ FB571595404FFDC5006540CFFCFA88E4 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
19:14:14.0046 1276 NVENETFD - ok
19:14:14.0078 1276 [ 0BA72D1D0B83E1E5500C5DC4C7BAFC32 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys
19:14:14.0078 1276 NVHDA - ok
19:14:14.0109 1276 [ B64AACEFAD2BE5BFF5353FE681253C67 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
19:14:14.0109 1276 nvnetbus - ok
19:14:14.0125 1276 [ C44EE36DD84FA95EB81D79C374756003 ] nvsmu C:\WINDOWS\system32\DRIVERS\nvsmu.sys
19:14:14.0125 1276 nvsmu - ok
19:14:14.0140 1276 [ A2322C6207EBB0761A6C8CC9003EBACF ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:14:14.0140 1276 NVSvc - ok
19:14:14.0171 1276 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:14:14.0171 1276 NwlnkFlt - ok
19:14:14.0171 1276 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:14:14.0187 1276 NwlnkFwd - ok
19:14:14.0203 1276 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:14:14.0203 1276 ohci1394 - ok
19:14:14.0234 1276 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:14:14.0250 1276 ose - ok
19:14:14.0265 1276 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
19:14:14.0265 1276 Parport - ok
19:14:14.0281 1276 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:14:14.0281 1276 PartMgr - ok
19:14:14.0312 1276 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:14:14.0312 1276 ParVdm - ok
19:14:14.0328 1276 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:14:14.0328 1276 PCI - ok
19:14:14.0328 1276 PCIDump - ok
19:14:14.0343 1276 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:14:14.0343 1276 PCIIde - ok
19:14:14.0375 1276 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:14:14.0375 1276 Pcmcia - ok
19:14:14.0375 1276 PDCOMP - ok
19:14:14.0375 1276 PDFRAME - ok
19:14:14.0390 1276 PDRELI - ok
19:14:14.0390 1276 PDRFRAME - ok
19:14:14.0390 1276 perc2 - ok
19:14:14.0406 1276 perc2hib - ok
19:14:14.0421 1276 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
19:14:14.0421 1276 PlugPlay - ok
19:14:14.0453 1276 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
19:14:14.0453 1276 Pml Driver HPZ12 - ok
19:14:14.0468 1276 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:14:14.0468 1276 PolicyAgent - ok
19:14:14.0468 1276 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:14:14.0484 1276 PptpMiniport - ok
19:14:14.0484 1276 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:14:14.0484 1276 Processor - ok
19:14:14.0484 1276 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:14:14.0484 1276 ProtectedStorage - ok
19:14:14.0500 1276 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:14:14.0500 1276 PSched - ok
19:14:14.0515 1276 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:14:14.0515 1276 Ptilink - ok
19:14:14.0562 1276 [ 0F1F42C39AB2B16DB957A7A1756FEFFB ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
19:14:14.0562 1276 QBCFMonitorService - ok
19:14:14.0593 1276 [ 92AA40E2B692E8637D45FB2D01137D17 ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
19:14:14.0609 1276 QBFCService - ok
19:14:14.0609 1276 ql1080 - ok
19:14:14.0609 1276 Ql10wnt - ok
19:14:14.0609 1276 ql12160 - ok
19:14:14.0625 1276 ql1240 - ok
19:14:14.0625 1276 ql1280 - ok
19:14:14.0640 1276 QuickBooksDB17 - ok
19:14:14.0656 1276 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:14:14.0656 1276 RasAcd - ok
19:14:14.0671 1276 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:14:14.0671 1276 RasAuto - ok
19:14:14.0687 1276 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:14:14.0687 1276 Rasl2tp - ok
19:14:14.0703 1276 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:14:14.0703 1276 RasMan - ok
19:14:14.0718 1276 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:14:14.0718 1276 RasPppoe - ok
19:14:14.0734 1276 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:14:14.0734 1276 Raspti - ok
19:14:14.0750 1276 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:14:14.0765 1276 Rdbss - ok
19:14:14.0781 1276 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:14:14.0781 1276 RDPCDD - ok
19:14:14.0812 1276 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:14:14.0812 1276 RDPWD - ok
19:14:14.0812 1276 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:14:14.0828 1276 RDSessMgr - ok
19:14:14.0843 1276 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:14:14.0859 1276 redbook - ok
19:14:14.0875 1276 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:14:14.0875 1276 RemoteAccess - ok
19:14:14.0890 1276 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
19:14:14.0890 1276 RpcLocator - ok
19:14:14.0921 1276 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:14:14.0921 1276 RpcSs - ok
19:14:14.0937 1276 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:14:14.0937 1276 RSVP - ok
19:14:14.0984 1276 [ 581E74880AEB1DBA1CB5AC8E6E6C0A69 ] RT61 C:\WINDOWS\system32\DRIVERS\RT61.sys
19:14:14.0984 1276 RT61 - ok
19:14:15.0015 1276 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
19:14:15.0015 1276 SamSs - ok
19:14:15.0015 1276 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:14:15.0031 1276 SCardSvr - ok
19:14:15.0046 1276 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:14:15.0046 1276 Schedule - ok
19:14:15.0078 1276 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:14:15.0078 1276 Secdrv - ok
19:14:15.0093 1276 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:14:15.0093 1276 seclogon - ok
19:14:15.0109 1276 [ B6A6B409FDA9D9EBD3AADB838D3D7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
19:14:15.0125 1276 SenFiltService - ok
19:14:15.0140 1276 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
19:14:15.0140 1276 SENS - ok
19:14:15.0140 1276 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:14:15.0140 1276 serenum - ok
19:14:15.0171 1276 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:14:15.0171 1276 Serial - ok
19:14:15.0203 1276 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:14:15.0203 1276 Sfloppy - ok
19:14:15.0218 1276 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:14:15.0218 1276 SharedAccess - ok
19:14:15.0234 1276 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:14:15.0234 1276 ShellHWDetection - ok
19:14:15.0234 1276 Simbad - ok
19:14:15.0281 1276 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
19:14:15.0281 1276 SONYPVU1 - ok
19:14:15.0281 1276 Sparrow - ok
19:14:15.0296 1276 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:14:15.0296 1276 splitter - ok
19:14:15.0296 1276 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:14:15.0296 1276 Spooler - ok
19:14:15.0312 1276 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:14:15.0312 1276 sr - ok
19:14:15.0328 1276 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
19:14:15.0328 1276 srservice - ok
19:14:15.0359 1276 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:14:15.0375 1276 Srv - ok
19:14:15.0390 1276 [ B2063CE662AF3AB20045121A5B716DF6 ] sscebus C:\WINDOWS\system32\DRIVERS\sscebus.sys
19:14:15.0390 1276 sscebus - ok
19:14:15.0406 1276 [ 66799DC0AFE3DCAF8368CAE17394A762 ] sscemdfl C:\WINDOWS\system32\DRIVERS\sscemdfl.sys
19:14:15.0406 1276 sscemdfl - ok
19:14:15.0453 1276 [ CBF03FFC08F8DB547BAB2F79AA663D16 ] sscemdm C:\WINDOWS\system32\DRIVERS\sscemdm.sys
19:14:15.0453 1276 sscemdm - ok
19:14:15.0468 1276 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:14:15.0468 1276 SSDPSRV - ok
19:14:15.0484 1276 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:14:15.0484 1276 stisvc - ok
19:14:15.0500 1276 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:14:15.0500 1276 swenum - ok
19:14:15.0515 1276 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:14:15.0515 1276 swmidi - ok
19:14:15.0515 1276 SwPrv - ok
19:14:15.0531 1276 symc810 - ok
19:14:15.0531 1276 symc8xx - ok
19:14:15.0531 1276 sym_hi - ok
19:14:15.0546 1276 sym_u3 - ok
19:14:15.0562 1276 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:14:15.0562 1276 sysaudio - ok
19:14:15.0578 1276 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:14:15.0578 1276 SysmonLog - ok
19:14:15.0593 1276 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:14:15.0593 1276 TapiSrv - ok
19:14:15.0625 1276 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:14:15.0625 1276 Tcpip - ok
19:14:15.0640 1276 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:14:15.0640 1276 TDPIPE - ok
19:14:15.0656 1276 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:14:15.0656 1276 TDTCP - ok
19:14:15.0671 1276 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:14:15.0671 1276 TermDD - ok
19:14:15.0687 1276 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
19:14:15.0687 1276 TermService - ok
19:14:15.0718 1276 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
19:14:15.0718 1276 Themes - ok
19:14:15.0765 1276 [ 39BD95A9FE72AAF5C675AD146BE456A9 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
19:14:15.0765 1276 TomTomHOMEService - ok
19:14:15.0765 1276 TosIde - ok
19:14:15.0781 1276 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:14:15.0781 1276 TrkWks - ok
19:14:15.0796 1276 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:14:15.0796 1276 Udfs - ok
19:14:15.0796 1276 ultra - ok
19:14:15.0828 1276 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:14:15.0828 1276 Update - ok
19:14:15.0843 1276 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:14:15.0843 1276 upnphost - ok
19:14:15.0859 1276 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
19:14:15.0859 1276 UPS - ok
19:14:15.0875 1276 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:14:15.0875 1276 usbccgp - ok
19:14:15.0890 1276 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:14:15.0890 1276 usbehci - ok
19:14:15.0890 1276 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:14:15.0890 1276 usbhub - ok
19:14:15.0906 1276 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:14:15.0921 1276 usbohci - ok
19:14:15.0921 1276 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:14:15.0921 1276 usbprint - ok
19:14:15.0937 1276 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:14:15.0937 1276 usbscan - ok
19:14:15.0953 1276 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:14:15.0953 1276 USBSTOR - ok
19:14:15.0968 1276 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:14:15.0968 1276 VgaSave - ok
19:14:15.0968 1276 ViaIde - ok
19:14:15.0984 1276 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:14:15.0984 1276 VolSnap - ok
19:14:16.0015 1276 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
19:14:16.0015 1276 VSS - ok
19:14:16.0031 1276 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
19:14:16.0031 1276 W32Time - ok
19:14:16.0062 1276 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:14:16.0062 1276 Wanarp - ok
19:14:16.0093 1276 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
19:14:16.0093 1276 Wdf01000 - ok
19:14:16.0093 1276 WDICA - ok
19:14:16.0109 1276 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:14:16.0109 1276 wdmaud - ok
19:14:16.0140 1276 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:14:16.0140 1276 WebClient - ok
19:14:16.0187 1276 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:14:16.0187 1276 winmgmt - ok
19:14:16.0234 1276 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:14:16.0234 1276 WmdmPmSN - ok
19:14:16.0250 1276 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
19:14:16.0250 1276 WmiAcpi - ok
19:14:16.0281 1276 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:14:16.0281 1276 WmiApSrv - ok
19:14:16.0312 1276 [ CCFDECD6060EA8EB0F8466782A97FF21 ] WMP54Gv4SVC C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
19:14:16.0312 1276 WMP54Gv4SVC - ok
19:14:16.0359 1276 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
19:14:16.0375 1276 WMPNetworkSvc - ok
19:14:16.0390 1276 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:14:16.0390 1276 WpdUsb - ok
19:14:16.0437 1276 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:14:16.0453 1276 WPFFontCache_v0400 - ok
19:14:16.0468 1276 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:14:16.0468 1276 WS2IFSL - ok
19:14:16.0500 1276 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:14:16.0500 1276 wscsvc - ok
19:14:16.0515 1276 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:14:16.0515 1276 wuauserv - ok
19:14:16.0562 1276 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:14:16.0562 1276 WudfPf - ok
19:14:16.0562 1276 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:14:16.0578 1276 WudfSvc - ok
19:14:16.0593 1276 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:14:16.0593 1276 WZCSVC - ok
19:14:16.0625 1276 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:14:16.0625 1276 xmlprov - ok
19:14:16.0625 1276 ================ Scan global ===============================
19:14:16.0656 1276 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:14:16.0687 1276 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:14:16.0687 1276 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:14:16.0718 1276 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:14:16.0718 1276 [Global] - ok
19:14:16.0718 1276 ================ Scan MBR ==================================
19:14:16.0718 1276 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:14:16.0937 1276 \Device\Harddisk0\DR0 - ok
19:14:16.0953 1276 [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk1\DR2
19:14:17.0609 1276 \Device\Harddisk1\DR2 - ok
19:14:17.0609 1276 ================ Scan VBR ==================================
19:14:17.0609 1276 [ ECA69363897965D7462F8BC12BFE9644 ] \Device\Harddisk0\DR0\Partition1
19:14:17.0609 1276 \Device\Harddisk0\DR0\Partition1 - ok
19:14:17.0609 1276 [ 804636EB5C044381DB2E21C4797262B9 ] \Device\Harddisk1\DR2\Partition1
19:14:17.0609 1276 \Device\Harddisk1\DR2\Partition1 - ok
19:14:17.0609 1276 ============================================================
19:14:17.0609 1276 Scan finished
19:14:17.0609 1276 ============================================================
19:14:17.0625 4000 Detected object count: 0
19:14:17.0625 4000 Actual detected object count: 0

#4 ProTree500


Posted 13 January 2013 - 08:25 PM

MiniToolBox results.

MiniToolBox by Farbar Version:10-01-2013
Ran by bill (administrator) on 13-01-2013 at 19:19:21
Running from "C:\Documents and Settings\bill\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

There are 15290 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Linksys Wireless-G PCI Adapter = Wireless Network Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : rservices

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : nconnect.net



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . : nconnect.net

Description . . . . . . . . . . . : Linksys Wireless-G PCI Adapter

Physical Address. . . . . . . . . : 00-1D-7E-95-22-39

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.101

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 206.126.208.35

206.126.209.162

206.126.209.78

Lease Obtained. . . . . . . . . . : Sunday, January 13, 2013 4:47:57 PM

Lease Expires . . . . . . . . . . : Monday, January 14, 2013 4:47:57 PM

Server: ns1.bertramwireless.com
Address: 206.126.208.35

Name: google.com
Addresses: 74.125.225.163, 74.125.225.168, 74.125.225.161, 74.125.225.165
74.125.225.166, 74.125.225.160, 74.125.225.167, 74.125.225.174, 74.125.225.164
74.125.225.162, 74.125.225.169



Pinging google.com [74.125.225.161] with 32 bytes of data:



Reply from 74.125.225.161: bytes=32 time=152ms TTL=48

Reply from 74.125.225.161: bytes=32 time=161ms TTL=48



Ping statistics for 74.125.225.161:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 152ms, Maximum = 161ms, Average = 156ms

Server: ns1.bertramwireless.com
Address: 206.126.208.35

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=257ms TTL=45

Reply from 98.139.183.24: bytes=32 time=279ms TTL=45



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 257ms, Maximum = 279ms, Average = 268ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 7e 95 22 39 ...... Linksys Wireless-G PCI Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.101 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.101 192.168.2.101 25
192.168.2.101 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.255 255.255.255.255 192.168.2.101 192.168.2.101 25
224.0.0.0 240.0.0.0 192.168.2.101 192.168.2.101 25
255.255.255.255 255.255.255.255 192.168.2.101 192.168.2.101 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/13/2013 03:46:59 PM) (Source: MsiInstaller) (User: RSERVICES)
Description: Product: Ad-Aware Antivirus -- Error 2755. Server returned unexpected error 1601 attempting to install package C:\WINDOWS\Installer\f502f.msi.

Error: (01/13/2013 03:26:05 AM) (Source: NTBackup) (User: )
Description: End Operation: Warnings or errors were encountered.

Consult the backup report for more details.

Error: (01/13/2013 03:26:05 AM) (Source: NTBackup) (User: )
Description: End Backup of 'C:' 'Warnings or errors were encountered.'


Verify: Off

Mode: Replace

Type: Copy


Consult the backup report for more details.

Error: (01/13/2013 03:19:13 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: An internal inconsistency was detected in trying
to contact shadow copy service writers. Please check to see that the Event Service
and Volume Shadow Copy Service are operating properly.

Error: (01/12/2013 02:43:15 PM) (Source: MsiInstaller) (User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010058): Driver installation failed

Error: (01/12/2013 02:43:15 PM) (Source: MsiInstaller) (User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010058): Driver installation failed

Error: (01/12/2013 02:19:29 PM) (Source: MsiInstaller) (User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010058): Driver installation failed

Error: (01/12/2013 02:19:29 PM) (Source: MsiInstaller) (User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010058): Driver installation failed

Error: (01/12/2013 02:05:24 PM) (Source: MsiInstaller) (User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010058): Driver installation failed

Error: (01/12/2013 02:05:24 PM) (Source: MsiInstaller) (User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010058): Driver installation failed


System errors:
=============
Error: (01/13/2013 05:56:11 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

Error: (01/13/2013 05:55:59 PM) (Source: Service Control Manager) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).

Error: (01/13/2013 04:52:50 PM) (Source: Internet Explorer 8) (User: RSERVICES)
Description: Internet Explorer 8 ie8 uninstall failed, leaving Internet Explorer 8 partially updated.
Internet Explorer 8 Uninstall canceled.

Error: (01/13/2013 04:49:23 PM) (Source: Service Control Manager) (User: )
Description: The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).

Error: (01/13/2013 04:42:39 PM) (Source: Service Control Manager) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).

Error: (01/13/2013 04:40:25 PM) (Source: Service Control Manager) (User: )
Description: The WajamUpdater service failed to start due to the following error:
%%3

Error: (01/13/2013 04:19:53 PM) (Source: Service Control Manager) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).

Error: (01/13/2013 03:47:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 2 time(s).

Error: (01/13/2013 03:46:53 PM) (Source: Service Control Manager) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 1 time(s).

Error: (01/13/2013 03:44:59 PM) (Source: Service Control Manager) (User: )
Description: The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (01/13/2013 03:46:59 PM) (Source: MsiInstaller)(User: RSERVICES)
Description: Product: Ad-Aware Antivirus -- Error 2755. Server returned unexpected error 1601 attempting to install package C:\WINDOWS\Installer\f502f.msi.(NULL)(NULL)(NULL)

Error: (01/13/2013 03:26:05 AM) (Source: NTBackup)(User: )
Description: Warnings or errors were encountered.

Error: (01/13/2013 03:26:05 AM) (Source: NTBackup)(User: )
Description: C:Warnings or errors were encountered.OffReplaceCopy

Error: (01/13/2013 03:19:13 AM) (Source: VSS)(User: )
Description:

Error: (01/12/2013 02:43:15 PM) (Source: MsiInstaller)(User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010058): Driver installation failed(NULL)(NULL)(NULL)

Error: (01/12/2013 02:43:15 PM) (Source: MsiInstaller)(User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010058): Driver installation failed(NULL)(NULL)(NULL)

Error: (01/12/2013 02:19:29 PM) (Source: MsiInstaller)(User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010058): Driver installation failed(NULL)(NULL)(NULL)

Error: (01/12/2013 02:19:29 PM) (Source: MsiInstaller)(User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010058): Driver installation failed(NULL)(NULL)(NULL)

Error: (01/12/2013 02:05:24 PM) (Source: MsiInstaller)(User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010058): Driver installation failed(NULL)(NULL)(NULL)

Error: (01/12/2013 02:05:24 PM) (Source: MsiInstaller)(User: RSERVICES)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010058): Driver installation failed(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

5600 (Version: 50.0.206.000)
5600_Help (Version: 50.0.206.000)
5600Trb (Version: 50.0.206.000)
Ad-Aware Antivirus (Version: 10.4.49.4168)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Reader 9.5.2 (Version: 9.5.2)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
AMD Processor Driver (Version: 1.3.2.0053)
avast! Free Antivirus (Version: 7.0.1474.0)
BufferChm (Version: 53.0.13.000)
CDDRV_Installer (Version: 4.60)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
CustomerResearchQFolder (Version: 1.00.0000)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 5.2.0.0)
DVD Decoder Pak for Windows XP (Version: 1.0.0)
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 50.0.206.000)
Google Update Helper (Version: 1.3.21.123)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Extended Capabilities 5.3 (Version: 5.3)
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP PSC & OfficeJet 5.3.B
HP Software Update (Version: 3.0.5.001)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HPProductAssistant (Version: 53.0.13.000)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 30 (Version: 6.0.300)
KhalInstallWrapper (Version: 4.60.122)
Linksys Wireless-G PCI Adapter
Logitech SetPoint (Version: 4.60)
MarketResearch (Version: 53.0.13.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NewCopy (Version: 50.0.206.000)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA nView Desktop Manager (Version: 6.14.10.13527)
ProductContext (Version: 50.0.206.000)
QuickBooks Pro 2007 (Version: )
QuickBooks Product Listing Service (Version: 2.0.132)
Readme (Version: 50.0.206.000)
Samsung New PC Studio (Version: 1.00.0000)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
Segoe UI (Version: 14.0.4327.805)
SolutionCenter (Version: 50.0.152.000)
SoundMAX (Version: 5.10.01.6310)
Status (Version: 53.0.13.000)
TomTom HOME 2.8.1.2218 (Version: 2.8.1.2218)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TrayApp (Version: 53.0.13.000)
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Backup Utility (Version: 5.1)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
Wise Registry Cleaner 6.21

========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 3198.42 MB
Available physical RAM: 2630.55 MB
Total Pagefile: 7129.59 MB
Available Pagefile: 6705.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.05 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:465.75 GB) (Free:436.77 GB) NTFS
4 Drive g: (My Book) (Fixed) (Total:465.65 GB) (Free:352.61 GB) FAT32

========================= Users: ========================================

User accounts for \\RSERVICES

Administrator ASPNET bill
Guest HelpAssistant QBDataServiceUser17
SUPPORT_388945a0 yahoos


**** End of log ****

#5 ProTree500

Posted 13 January 2013 - 08:35 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Microsoft Windows XP x86
Ran by bill on Sun 01/13/2013 at 19:29:06.39
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\bill\Application Data\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\bill\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files\imesh applications"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/13/2013 at 19:32:50.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6 ProTree500

Posted 13 January 2013 - 08:38 PM

ESET Results.

C:\Documents and Settings\bill\My Documents\Downloads\RN_ErrorsFix_Setup.exe a variant of Win32/RegistryNuke application cleaned by deleting - quarantined

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,569 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:56 PM

Posted 13 January 2013 - 09:01 PM

Ok that was good.
Go into Control Panel > Add/Remove and remove
One AV.. Avast or Ad-Aware. I'd lose the latter.

next..
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 30 (Version: 6.0.300)

And any Registry Cleaners installed.

Reboot

Run 2 last scans and tell how it is.

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


And SAS:
Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#8 ProTree500

Posted 14 January 2013 - 09:28 PM

Okay. I was able to install Malwarebytes, but ran into this error, probably caused by the infection.

Run-Time error '372'
Failed to load control 'WebBrowser' from ieframe.dll

I ran the Chameleon and it also threw that error.

------------------

Right now I'm running XP, should I still uninstall Malwarebytes?
I tried installing SAS and can't get it to install. Tried the free version, runsas, sassaferun; none will install. I get error creating shortcuts, aborting installation. The SASSAFERUN says definition database is outdated.

-------------------

My last run of ESET last night found these.

C:\Documents and Settings\bill\My Documents\Downloads\cbsidlm-tr1_9-Free_Window_Registry_Repair-SEO-10606555.exe Win32/DownloadAdmin.F application cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-789336058-1637723038-682003330-500\Dc3.exe Win32/OpenCandy application deleted - quarantined
C:\RECYCLER\S-1-5-21-789336058-1637723038-682003330-500\Dc4.exe Win32/DownloadAdmin.F application cleaned by deleting - quarantined

#9 boopme

Posted 15 January 2013 - 11:48 AM

Please follow the instructions in the new topic.

Edited by boopme, 15 January 2013 - 11:49 AM.

#10 ProTree500

Posted 15 January 2013 - 02:18 PM

What's the new topic?

#11 boopme

Posted 15 January 2013 - 03:59 PM

http://www.bleepingcomputer.com/forums/topic481656.html/page__p__2946690#entry2946690