Random Redirects too


20 replies to this topic

#1 sanpedsa

Posted 29 January 2013 - 06:57 PM

Would it be possible to get help with the search engine redirects? It appears that since the Java issue last week, my computer definitely has something going on.
I get random system beeps and my Google Chrome redirects my searches to "akkreditivsearch". My programs are locking up and crashing. I have run a CC cleaner which found nothing.

I have run the Kaspersky TDSSKiller that was suggested in another post and have that log file.
Also ran the aswMBR, which I have the log file for and has some red lines that show something's infected. Just need to be walked through the steps to get this cleaned up. I work on confidential patient files at home and can't have this thing floating around in my PC. Please tell me what I need to do!!
Thanks!



#2 narenxp


Posted 29 January 2013 - 06:59 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 sanpedsa


Posted 29 January 2013 - 07:08 PM

TDSSKiller results

18:12:15.0125 2528 PSched - ok
18:12:15.0140 2528 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:12:15.0156 2528 Ptilink - ok
18:12:15.0171 2528 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:12:15.0187 2528 PxHelp20 - ok
18:12:15.0187 2528 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
18:12:15.0203 2528 ql1080 - ok
18:12:15.0203 2528 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
18:12:15.0203 2528 Ql10wnt - ok
18:12:15.0218 2528 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
18:12:15.0218 2528 ql12160 - ok
18:12:15.0234 2528 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
18:12:15.0250 2528 ql1240 - ok
18:12:15.0250 2528 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
18:12:15.0265 2528 ql1280 - ok
18:12:15.0281 2528 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:12:15.0281 2528 RasAcd - ok
18:12:15.0328 2528 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:12:15.0328 2528 RasAuto - ok
18:12:15.0375 2528 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:12:15.0375 2528 Rasl2tp - ok
18:12:15.0406 2528 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:12:15.0406 2528 RasMan - ok
18:12:15.0437 2528 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:12:15.0437 2528 RasPppoe - ok
18:12:15.0484 2528 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:12:15.0484 2528 Raspti - ok
18:12:15.0531 2528 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:12:15.0531 2528 Rdbss - ok
18:12:15.0578 2528 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:12:15.0578 2528 RDPCDD - ok
18:12:15.0609 2528 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:12:15.0625 2528 rdpdr - ok
18:12:15.0656 2528 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:12:15.0671 2528 RDPWD - ok
18:12:15.0718 2528 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:12:15.0718 2528 RDSessMgr - ok
18:12:15.0750 2528 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:12:15.0765 2528 redbook - ok
18:12:15.0796 2528 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:12:15.0796 2528 RemoteAccess - ok
18:12:15.0843 2528 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:12:15.0859 2528 RemoteRegistry - ok
18:12:15.0890 2528 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
18:12:15.0890 2528 ROOTMODEM - ok
18:12:15.0937 2528 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
18:12:15.0937 2528 RpcLocator - ok
18:12:15.0968 2528 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:12:15.0984 2528 RpcSs - ok
18:12:16.0000 2528 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:12:16.0015 2528 RSVP - ok
18:12:16.0046 2528 [ 7988BFE882BCD94199225B5C3482F1BD ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
18:12:16.0046 2528 RTL8023xp - ok
18:12:16.0093 2528 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
18:12:16.0093 2528 rtl8139 - ok
18:12:16.0109 2528 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
18:12:16.0109 2528 SamSs - ok
18:12:16.0140 2528 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:12:16.0140 2528 SCardSvr - ok
18:12:16.0203 2528 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:12:16.0218 2528 Schedule - ok
18:12:16.0281 2528 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
18:12:16.0281 2528 sdbus - ok
18:12:16.0312 2528 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:12:16.0312 2528 Secdrv - ok
18:12:16.0359 2528 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:12:16.0359 2528 seclogon - ok
18:12:16.0359 2528 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
18:12:16.0375 2528 SENS - ok
18:12:16.0421 2528 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:12:16.0421 2528 Serenum - ok
18:12:16.0468 2528 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:12:16.0468 2528 Serial - ok
18:12:16.0546 2528 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:12:16.0546 2528 Sfloppy - ok
18:12:16.0609 2528 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:12:16.0609 2528 ShellHWDetection - ok
18:12:16.0625 2528 Simbad - ok
18:12:16.0687 2528 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
18:12:16.0687 2528 sisagp - ok
18:12:16.0750 2528 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:12:16.0750 2528 SkypeUpdate - ok
18:12:16.0796 2528 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:12:16.0796 2528 SLIP - ok
18:12:16.0843 2528 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
18:12:16.0843 2528 SONYPVU1 - ok
18:12:16.0875 2528 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
18:12:16.0875 2528 Sparrow - ok
18:12:16.0921 2528 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:12:16.0921 2528 splitter - ok
18:12:16.0953 2528 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:12:16.0968 2528 Spooler - ok
18:12:17.0015 2528 sprtsvc_medicsp2 - ok
18:12:17.0062 2528 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
18:12:17.0062 2528 SPTISRV - ok
18:12:17.0093 2528 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:12:17.0093 2528 sr - ok
18:12:17.0140 2528 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
18:12:17.0171 2528 srservice - ok
18:12:17.0218 2528 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:12:17.0234 2528 Srv - ok
18:12:17.0281 2528 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:12:17.0281 2528 SSDPSRV - ok
18:12:17.0328 2528 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:12:17.0343 2528 stisvc - ok
18:12:17.0375 2528 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:12:17.0375 2528 streamip - ok
18:12:17.0421 2528 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:12:17.0421 2528 swenum - ok
18:12:17.0437 2528 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:12:17.0437 2528 swmidi - ok
18:12:17.0453 2528 SwPrv - ok
18:12:17.0500 2528 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
18:12:17.0500 2528 symc810 - ok
18:12:17.0515 2528 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
18:12:17.0515 2528 symc8xx - ok
18:12:17.0531 2528 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
18:12:17.0546 2528 sym_hi - ok
18:12:17.0562 2528 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
18:12:17.0562 2528 sym_u3 - ok
18:12:17.0609 2528 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:12:17.0609 2528 sysaudio - ok
18:12:17.0640 2528 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:12:17.0656 2528 SysmonLog - ok
18:12:17.0687 2528 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:12:17.0703 2528 TapiSrv - ok
18:12:17.0750 2528 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:12:17.0765 2528 Tcpip - ok
18:12:17.0812 2528 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:12:17.0812 2528 TDPIPE - ok
18:12:17.0843 2528 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:12:17.0843 2528 TDTCP - ok
18:12:17.0921 2528 [ 622FCF264119F7DF127BE353F796B319 ] TelevisionFanaticService C:\PROGRA~1\TELEVI~2\bar\1.bin\64barsvc.exe
18:12:17.0921 2528 TelevisionFanaticService - ok
18:12:17.0968 2528 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:12:17.0968 2528 TermDD - ok
18:12:18.0015 2528 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
18:12:18.0031 2528 TermService - ok
18:12:18.0046 2528 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
18:12:18.0062 2528 Themes - ok
18:12:18.0093 2528 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
18:12:18.0093 2528 TlntSvr - ok
18:12:18.0125 2528 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
18:12:18.0125 2528 TosIde - ok
18:12:18.0171 2528 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:12:18.0171 2528 TrkWks - ok
18:12:18.0203 2528 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:12:18.0203 2528 Udfs - ok
18:12:18.0218 2528 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
18:12:18.0218 2528 ultra - ok
18:12:18.0265 2528 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:12:18.0296 2528 Update - ok
18:12:18.0343 2528 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:12:18.0375 2528 upnphost - ok
18:12:18.0406 2528 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
18:12:18.0406 2528 UPS - ok
18:12:18.0468 2528 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
18:12:18.0468 2528 usbaudio - ok
18:12:18.0515 2528 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:12:18.0515 2528 usbccgp - ok
18:12:18.0546 2528 [ D21CDE1C635BCC5053463579EEE453CF ] USBCM C:\WINDOWS\system32\DRIVERS\Sacm2A.sys
18:12:18.0546 2528 USBCM - ok
18:12:18.0593 2528 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:12:18.0593 2528 usbehci - ok
18:12:18.0609 2528 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:12:18.0609 2528 usbhub - ok
18:12:18.0656 2528 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:12:18.0656 2528 usbohci - ok
18:12:18.0703 2528 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:12:18.0703 2528 usbprint - ok
18:12:18.0718 2528 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:12:18.0718 2528 usbscan - ok
18:12:18.0750 2528 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:12:18.0750 2528 usbstor - ok
18:12:18.0781 2528 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:12:18.0781 2528 usbuhci - ok
18:12:18.0843 2528 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:12:18.0843 2528 VgaSave - ok
18:12:18.0890 2528 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
18:12:18.0906 2528 viaagp - ok
18:12:18.0906 2528 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
18:12:18.0906 2528 ViaIde - ok
18:12:18.0937 2528 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:12:18.0937 2528 VolSnap - ok
18:12:19.0000 2528 [ 0354BA3A5BA5E28CC247EB5F5DD8793C ] vsdatant C:\WINDOWS\system32\vsdatant.sys
18:12:19.0015 2528 vsdatant - ok
18:12:19.0062 2528 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
18:12:19.0078 2528 VSS - ok
18:12:19.0125 2528 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
18:12:19.0140 2528 W32Time - ok
18:12:19.0156 2528 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:12:19.0156 2528 Wanarp - ok
18:12:19.0203 2528 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
18:12:19.0203 2528 wanatw - ok
18:12:19.0250 2528 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
18:12:19.0250 2528 WDC_SAM - ok
18:12:19.0328 2528 [ 997F2E3B66F1A987DEE83947FB40A033 ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
18:12:19.0328 2528 WDDMService - ok
18:12:19.0421 2528 [ 5BB2ED6A1070001038276C814BC8C1DE ] WDFME C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
18:12:19.0468 2528 WDFME - ok
18:12:19.0484 2528 WDICA - ok
18:12:19.0531 2528 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:12:19.0531 2528 wdmaud - ok
18:12:19.0578 2528 [ 3BA6FAF9276294285B88C2E6C85A4A09 ] WDSC C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
18:12:19.0609 2528 WDSC - ok
18:12:19.0656 2528 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:12:19.0656 2528 WebClient - ok
18:12:19.0703 2528 [ 59D043485A6EDA2ED2685C81489AE5BD ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
18:12:19.0718 2528 winachsf - ok
18:12:19.0828 2528 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:12:19.0828 2528 winmgmt - ok
18:12:19.0890 2528 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:12:19.0890 2528 WmdmPmSN - ok
18:12:19.0921 2528 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:12:19.0953 2528 Wmi - ok
18:12:20.0000 2528 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:12:20.0000 2528 WmiApSrv - ok
18:12:20.0093 2528 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
18:12:20.0109 2528 WMPNetworkSvc - ok
18:12:20.0171 2528 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:12:20.0171 2528 WpdUsb - ok
18:12:20.0359 2528 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:12:20.0484 2528 WPFFontCache_v0400 - ok
18:12:20.0562 2528 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:12:20.0562 2528 WS2IFSL - ok
18:12:20.0593 2528 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:12:20.0593 2528 WSTCODEC - ok
18:12:20.0625 2528 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:12:20.0640 2528 wuauserv - ok
18:12:20.0687 2528 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:12:20.0687 2528 WudfPf - ok
18:12:20.0718 2528 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:12:20.0718 2528 WudfRd - ok
18:12:20.0750 2528 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
18:12:20.0750 2528 WudfSvc - ok
18:12:20.0812 2528 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:12:20.0843 2528 WZCSVC - ok
18:12:20.0890 2528 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:12:20.0906 2528 xmlprov - ok
18:12:20.0937 2528 ================ Scan global ===============================
18:12:20.0984 2528 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:12:21.0015 2528 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:12:21.0046 2528 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:12:21.0062 2528 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:12:21.0078 2528 [Global] - ok
18:12:21.0078 2528 ================ Scan MBR ==================================
18:12:21.0093 2528 [ B20939CD98B7710036274839082AE757 ] \Device\Harddisk0\DR0
18:12:21.0375 2528 \Device\Harddisk0\DR0 - ok
18:12:21.0390 2528 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
18:12:21.0640 2528 \Device\Harddisk1\DR1 - ok
18:12:21.0640 2528 ================ Scan VBR ==================================
18:12:21.0671 2528 [ 8F944A53CC0213CE6B3A3E340EF8E493 ] \Device\Harddisk0\DR0\Partition1
18:12:21.0671 2528 \Device\Harddisk0\DR0\Partition1 - ok
18:12:21.0703 2528 [ BF4EDFC89C38E7ECB1CE1ACEFB71F067 ] \Device\Harddisk0\DR0\Partition2
18:12:21.0703 2528 \Device\Harddisk0\DR0\Partition2 - ok
18:12:21.0718 2528 [ 0DFDD0822C006A886401605FFE8A0CBE ] \Device\Harddisk1\DR1\Partition1
18:12:21.0718 2528 \Device\Harddisk1\DR1\Partition1 - ok
18:12:21.0718 2528 ============================================================
18:12:21.0718 2528 Scan finished
18:12:21.0718 2528 ============================================================
18:12:21.0750 3560 Detected object count: 0
18:12:21.0750 3560 Actual detected object count: 0

#4 sanpedsa

Posted 29 January 2013 - 07:09 PM

aswMBR results

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-29 18:14:21
-----------------------------
18:14:21.953 OS Version: Windows 5.1.2600 Service Pack 3
18:14:21.953 Number of processors: 2 586 0x605
18:14:21.953 ComputerName: OURCOMPUTER UserName: Sara
18:14:24.000 Initialize success
18:17:52.531 AVAST engine defs: 13012903
18:31:58.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-17
18:31:58.140 Disk 0 Vendor: WDC_WD1600BB-22RDA0 20.00K20 Size: 152627MB BusType: 3
18:31:58.140 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP4T1L0-1f
18:31:58.140 Disk 1 Vendor: Maxtor_33073H3 YAH814Y0 Size: 29312MB BusType: 3
18:31:58.171 Disk 0 MBR read successfully
18:31:58.171 Disk 0 MBR scan
18:31:59.828 Disk 0 unknown MBR code
18:31:59.843 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 147204 MB offset 11100915
18:32:01.218 Disk 0 Partition 2 00 0B FAT32 RECOVERY 5420 MB offset 63
18:32:01.640 Disk 0 scanning sectors +312576705
18:32:02.406 Disk 0 scanning C:\WINDOWS\system32\drivers
18:32:48.031 Service scanning
18:33:26.484 Modules scanning
18:34:07.968 Disk 0 trace - called modules:
18:34:07.968
18:34:11.953 AVAST engine scan C:\WINDOWS
18:34:23.109 AVAST engine scan C:\WINDOWS\system32
18:40:31.171 AVAST engine scan C:\WINDOWS\system32\drivers
18:41:00.296 AVAST engine scan C:\Documents and Settings\Sara
18:41:04.937 File: C:\Documents and Settings\Sara\Application Data\1b881c94-08ef-49d4-a0c5-558f32834abd79\bcefdacfabd.exe **INFECTED** Win32:Rootkit-gen [Rtk]
18:41:10.828 File: C:\Documents and Settings\Sara\Application Data\agerac.dll **INFECTED** Win32:Medfos-AQ [Trj]
18:42:34.843 File: C:\Documents and Settings\Sara\Application Data\ilaet.dll **INFECTED** Win32:Medfos-AQ [Trj]
18:43:12.000 File: C:\Documents and Settings\Sara\Application Data\rvetr.dll **INFECTED** Win32:Malware-gen
18:47:40.375 File: C:\Documents and Settings\Sara\Local Settings\Temp\wrk1.tmp **INFECTED** Win32:MalOb-IZ [Cryp]
18:50:33.859 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Sara\My Documents\VIRUS LOGS\MBR.dat"
18:50:33.890 The log file has been saved successfully to "C:\Documents and Settings\Sara\My Documents\VIRUS LOGS\aswMBR.txt"

#5 sanpedsa

Posted 29 January 2013 - 07:20 PM

ESET scanners taking a bit more time..

#6 sanpedsa

Posted 29 January 2013 - 09:02 PM

Finally.. ESET results

C:\Documents and Settings\All Users\Application Data\CoolYou\bhoclass.dll Win32/Adware.MultiPlug application cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\128fa590-52cd-46dd-ab88-812143982596.dat a variant of Win32/TrojanDownloader.FakeAlert.BMF trojan cleaned by deleting - quarantined
C:\Documents and Settings\Sara\Application Data\agerac.dll a variant of Win32/Medfos.IU trojan cleaned by deleting - quarantined
C:\Documents and Settings\Sara\Application Data\ilaet.dll a variant of Win32/Medfos.IU trojan cleaned by deleting (after the next restart) - quarantined
C:\Documents and Settings\Sara\Application Data\rvetr.dll a variant of Win32/Medfos.IX trojan cleaned by deleting (after the next restart) - quarantined
C:\Documents and Settings\Sara\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cdjbnddbclciabnckgeahmneohjlahdm\1.0_1\manager.js JS/Redirector.NCG trojan cleaned by deleting - quarantined
C:\Documents and Settings\Sara\Local Settings\Temp\wrk1.tmp a variant of Win32/TrojanDownloader.FakeAlert.BMF trojan cleaned by deleting - quarantined
C:\Documents and Settings\Sara\owner.mycomputer\Local Settings\Temp\nsh199.tmp\Install.dll Win32/Adware.HotBar application cleaned by deleting - quarantined
C:\Documents and Settings\Sara\owner.mycomputer\Local Settings\Temp\tzl2C.tmp Win32/Adware.180Solutions application cleaned by deleting - quarantined
Operating memory multiple threats

#7 narenxp

Posted 29 January 2013 - 09:17 PM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator

After the scan completes, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#8 sanpedsa

Posted 29 January 2013 - 11:27 PM

Malwarebytes results

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.29.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Sara :: OURCOMPUTER [administrator]

Protection: Enabled

1/29/2013 9:22:14 PM
mbam-log-2013-01-29 (21-22-14).txt

Scan type: Full scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|K:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 375834
Time elapsed: 1 hour(s), 54 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 165
HKCR\TelevisionFanatic.DynamicBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.DynamicBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{6ffb45e3-cffc-4b3a-95eb-334cb53c85b0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{a378fd9d-b406-44bb-96d2-8cdaa668713f} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{93A55DA3-83ED-4090-91B6-904C44647639} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.FeedManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.FeedManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7895609d-c8b4-4cf5-a2c7-28223d0c3d92} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{34979cb5-728d-4727-81bf-01850a3bb89b} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{934063FB-A81D-4849-B02C-478446DF3219} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.ThirdPartyInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7895609D-C8B4-4CF5-A2C7-28223D0C3D92} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7952f465-ac46-4a82-b383-870f3784d1cd} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.UrlAlertButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.UrlAlertButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{7ad9c324-3672-4d33-8477-d9c8e627f4bf} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.Radio.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.Radio (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{8be781d8-5e70-423d-82de-9e4756fce53c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{026fd9ba-112b-4d9f-86ea-589e28016e8c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{0328B630-EA94-4FA3-9F27-8250B6324DDB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.XMLSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.XMLSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8BE781D8-5E70-423D-82DE-9E4756FCE53C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{91a8da6b-8013-44aa-b63f-00195312999a} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{03f59b4b-09d9-40f0-a01a-6e895023f2f0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{42CB7963-EFE0-4737-A927-CE076FAA3BA0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.RadioSettings.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.RadioSettings (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{c98d5b61-b0ea-4d48-9839-1079d352d880} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C98D5B61-B0EA-4D48-9839-1079D352D880} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C98D5B61-B0EA-4D48-9839-1079D352D880} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{d09094b3-b426-4f16-a6d9-e211fe222127} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D09094B3-B426-4F16-A6D9-E211FE222127} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{f02c0832-c85c-4b93-8c6f-9df20121a10d} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{6784d08d-cdc3-419d-9b97-744a351ed908} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{844C2331-94DF-431E-9A67-426ED861D27F} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.HTMLPanel.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.HTMLPanel (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F02C0832-C85C-4B93-8C6F-9DF20121A10D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A77D3539-581D-450C-9E44-A84C415A6172} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F02FABCB-92DD-475A-98AF-14217BD50746} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4e7f49ed-8c94-4aaa-a407-3010d099b11a} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{b8cbcb5a-9192-4122-b3de-bd139320ec09} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{f6c482a5-17ae-43d3-a6ac-52a70674283c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{3436BC13-C898-4775-B1EA-BA224587010D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.XMLSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.XMLSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B8CBCB5A-9192-4122-B3DE-BD139320EC09} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{8e74a826-02ac-4edf-8827-7cfde086fb48} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{a66eec44-aa6d-4af2-bf75-490e2ca17ae9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{0243D748-2F31-42C0-AC9D-17A44DC93907} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{716f0a7a-66f8-4c51-9ef2-be22e0ea2f00} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.DynamicBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.DynamicBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{39ae4193-9636-4786-a7e8-d0bed697cdf3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{bdfcf196-0622-41cf-bda6-d1cdb44ab5e9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{55E0C5EA-CEB2-4B31-BF39-37194037C570} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.FeedManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.FeedManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{5489857c-d16b-4f23-a322-9f3d3423dc6d} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{6a751d61-7a6b-4999-bfd0-adf01a40f6f2} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{3F7C4052-B2B0-452C-99CA-BABD1FCB297B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{779a6469-e20c-4517-9d59-394ee65e216c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.MultipleButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.MultipleButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{a1912af6-dfe3-48b1-bdfe-9a65259ac702} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.Radio.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.Radio (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{5dc6445c-89ce-4895-9eee-79449a453700} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.ScriptButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.ScriptButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1856a7bd-de8c-488b-aa7a-5682d13166fc} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{92364364-56b2-4c54-aae3-a7d03a30c023} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{A0E4F729-E247-43D3-ADBA-A7BBCEE7B99F} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1856A7BD-DE8C-488B-AA7A-5682D13166FC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{f0c8ccc2-baaa-4236-ad0a-22b5a401b9ef} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{a50c4254-a6a2-48cb-a2d0-c5e0a53fd965} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{29092667-E116-4C0D-B53F-8C8511571185} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.ThirdPartyInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0C8CCC2-BAAA-4236-AD0A-22B5A401B9EF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{d424710b-af83-49a6-9f26-033e0cf794b1} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.UrlAlertButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.UrlAlertButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{bc61ca7a-6b81-47ec-b62d-ae1a236cadb9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{71e326b6-2dc3-40b7-93d8-3ceda9c83f53} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{4691B0B0-2AB8-404C-BD83-DAB9E26BC177} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.HTMLPanel.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\BringMeSports_1c.HTMLPanel (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC61CA7A-6B81-47EC-B62D-AE1A236CADB9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.SkinLauncher (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.SkinLauncher.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.SkinLauncherSettings (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TelevisionFanatic.SkinLauncherSettings.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MozillaPlugins\@TelevisionFanatic.com/Plugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 17
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|TelevisionFanatic Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~1\TELEVI~2\bar\1.bin\64brmon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BringMeSports_1c Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~1\BRINGM~2\bar\1.bin\1cbrmon.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{0696F815-A3A9-490A-BB14-9EC3350B1276} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|TelevisionFanatic Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BringMeSports Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\BRINGM~2\bar\1.bin\1csrchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C98D5B61-B0EA-4D48-9839-1079D352D880} (PUP.MyWebSearch) -> Data: a[HM9yR؀ -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{C98D5B61-B0EA-4D48-9839-1079D352D880} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Data: a+߬H:; -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C98D5B61-B0EA-4D48-9839-1079D352D880} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0696f815-a3a9-490a-bb14-9ec3350b1276} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c98d5b61-b0ea-4d48-9839-1079d352d880} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\Environment|AVAPP (Rogue.PersonalAntiVirus) -> Data: C:\Program Files\PersonalAV -> Quarantined and deleted successfully.
HKCU\Environment|AVUNINST (Rogue.PersonalAntiVirus) -> Data: C:\Program Files\Common Files\Uninstall\PersonalAV\Uninstall.lnk -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|128fa590-52cd-46dd-ab88-812143982596 (Trojan.FakeAlertP.Gen) -> Data: rundll32.exe "C:\Documents and Settings\All Users\Application Data\128fa590-52cd-46dd-ab88-812143982596.dat", tuqlcuivxxy -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|rvetr (Trojan.RedirRdll2.Gen) -> Data: rundll32.exe "C:\Documents and Settings\Sara\Application Data\rvetr.dll",HrIStreamToBSTR -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|64ffxtbr@TelevisionFanatic.com (PUP.MyWebSearch) -> Data: C:\Program Files\TelevisionFanatic\bar\1.bin -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bad: (C:\RECYCLER\S-1-5-18\$a2e08dfdaba1fddcd7ec48b990001c00\n.) Good: (fastprox.dll) -> Quarantined and repaired successfully.

Folders Detected: 4
C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TelevisionFanatic\bar\1.bin\chrome (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\ThirdPartyInstallers (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Files Detected: 117
C:\Program Files\BringMeSports_1c\bar\1.bin\1cbrstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TelevisionFanatic\bar\1.bin\64brstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cbrmon.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cauxstb.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cSrcAs.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cdlghk.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cieovr.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TelevisionFanatic\bar\1.bin\64auxstb.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TelevisionFanatic\bar\1.bin\64dlghk.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TelevisionFanatic\bar\1.bin\64ieovr.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\TelevisionFanatic\bar\1.bin\64SrchMn.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cSrchMn.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cbarsvc.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64barsvc.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cbar.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64httpct.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64skin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64htmlmu.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64datact.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64mlbtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64script.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64dyn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64feedmg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64tpinst.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64uabtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64radio.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64msg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\T8HTML.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CoolYou\CoolYou.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sara\Local Settings\Temp\NOD5B82.tmp (Trojan.Medfos) -> Delete on reboot.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cmsg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cdatact.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cdyn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cfeedmg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1chighin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1chkstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1chttpct.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cidle.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cimpipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cmedint.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cmlbtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cPlugin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cradio.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cregfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1creghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cregiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cscript.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cskin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cskplay.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1ctpinst.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\1cuabtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\NP1cStub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\BringMeSports_1c\bar\1.bin\T8HTML.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64highin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64hkstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64idle.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64impipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64medint.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64Plugin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64regfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64reghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64regiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64skplay.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\NP64Stub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-18\$a2e08dfdaba1fddcd7ec48b990001c00\n (Trojan.0Access) -> Delete on reboot.
C:\RECYCLER\S-1-5-18\$a2e08dfdaba1fddcd7ec48b990001c00\U\80000000.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-18\$a2e08dfdaba1fddcd7ec48b990001c00\U\800000cb.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-4021827940-2731737329-3050424344-1008\$a2e08dfdaba1fddcd7ec48b990001c00\n (Trojan.0Access) -> Delete on reboot.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP633\A0121231.dll (Trojan.Medfos) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP633\A0121232.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
J:\Program Files\Internet Explorer\msimg32.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
J:\WINNT\system32\f3pssavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\64sknlcr.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\BOOTSTRAP.JS (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\CHROME.MANIFEST (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\CREXT.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\CrExtP64.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\INSTALL.RDF (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\installKeys.js (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\LOGO.BMP (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\T8EXTEX.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\T8EXTPEX.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\T8RES.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\T8TICKER.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\TelevisionFanatic\bar\1.bin\chrome\64ffxtbr.jar (PUP.MyWebSearch) -> Quarantined and deleted successfully.

(end)

#9 sanpedsa

Posted 29 January 2013 - 11:34 PM

Mini toolbox results

Error: (01/11/2013 00:38:35 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/18/2012 09:30:13 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/13/2012 05:38:33 PM) (Source: Application Hang) (User: )
Description: Hanging application nbrplay.exe, version 2028.1204.700.1000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/13/2012 05:38:32 PM) (Source: Application Hang) (User: )
Description: Hanging application nbrplay.exe, version 2028.1204.700.1000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (01/29/2013 05:40:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (01/28/2013 10:12:05 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.2 on the
Network Card with network address 001676C63292.

Error: (01/28/2013 10:12:05 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (01/28/2013 10:12:05 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (01/27/2013 02:50:23 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 15 minutes.
NtpClient has no source of accurate time.

Error: (01/27/2013 02:50:23 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (01/27/2013 02:50:19 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (01/27/2013 02:50:19 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (01/26/2013 10:30:56 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (01/26/2013 10:30:56 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

1500 (Version: 50.0.206.000)
1500_Help (Version: 50.0.206.000)
1500Trb (Version: 50.0.206.000)
3DVIA player 4.1 (Version: 4.1.0.78)
AAC Decoder (Version: 7.1.0)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 10 Plugin (Version: 10.0.22.87)
Adobe Reader 7.1.0 (Version: 7.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
Amazon MP3 Downloader 1.0.12 (Version: 1.0.12)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ATI Display Driver (Version: 8.22-060115a1-031605C-Intel)
AutoUpdate (Version: 1.1)
BitTorrent (Version: 7.7.0.27987)
BitTorrentControl_v12 Toolbar (Version: 6.9.0.16)
BufferChm (Version: 53.0.13.000)
Canon Digital Camera RS-232C TWAIN Driver
Canon Digital Camera USB Driver
Canon PhotoRecord
Canon Utilities PhotoStitch 3.1
Canon Utilities RAW Image Converter
Canon Utilities RemoteCapture 1.3
CCleaner (Version: 3.07)
Citrix Authentication Manager (Version: 3.0.0.47031)
Citrix Receiver (HDX Flash Redirection) (Version: 13.3.0.55)
Citrix Receiver (Version: 13.3.0.55)
Citrix Receiver Inside (Version: 3.3.0.17208)
Citrix Receiver Updater (Version: 3.3.0.17207)
Citrix Receiver(Aero) (Version: 13.3.0.55)
Citrix Receiver(DV) (Version: 13.3.0.55)
Citrix Receiver(USB) (Version: 13.3.0.55)
ConverterLite 1.4.0 (Version: 1.4.0)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder (Version: 1.00.0000)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Media Reader (Version: 2.01.00.02)
DivX Codec (Version: 6.8.5)
DivX Converter (Version: 7.1.0)
DivX Player (Version: 7.2.0)
DivX Plus DirectShow Filters
DivX Version Checker (Version: 7.1.0.2)
DivX Web Player (Version: 1.5.0)
DocProc (Version: 5.2.0.0)
DVD Solution
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 50.0.206.000)
Garmin Communicator Plugin (Version: 4.0.3)
Garmin USB Drivers (Version: 2.3.0.0)
Google Chrome (Version: 24.0.1312.56)
Google Talk Plugin (Version: 3.10.2.10212)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Google Updater (Version: 2.4.2432.1652)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
H.264 Decoder (Version: 1.1.0)
HandBrake 0.9.8 (Version: 0.9.8)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Extended Capabilities 5.3 (Version: 5.3)
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP PSC & OfficeJet 5.3.B
HP Software Update (Version: 3.0.5.001)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HPProductAssistant (Version: 53.0.13.000)
iTunes (Version: 10.3.1.55)
J2SE Runtime Environment 5.0 Update 2 (Version: 1.5.0.20)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 13 (Version: 6.0.130)
Java™ 6 Update 7 (Version: 1.6.0.70)
Junk Mail filter update (Version: 14.0.8117.416)
Legalsounds Download Manager (Version: 1.4.9)
Logitech Desktop Messenger
Logitech QuickCam Software (Version: 8.47.0000)
Logitech Camera Driver
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 53.0.13.000)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Digital Image Starter Edition 2006 (Version: 11.0.0422)
Microsoft Digital Image Starter Edition 2006 Editor (Version: 11.0.0422)
Microsoft Digital Image Starter Edition 2006 Library (Version: 11.0.0422)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2006 (Version: 15)
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
MKV Splitter (Version: 1.0.1)
MODUS Screen Saver
MSN
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Napster Burn Engine (Version: 2.5.0000)
NewCopy (Version: 50.0.206.000)
Online Plug-in (Version: 13.3.0.55)
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140)
PayPal Plug-In (Version: 2.2.26.0)
PayPal Plug-In (Version: 2.2.3.0)
Picasa 3 (Version: 3.8)
PowerDVD
ProductContext (Version: 50.0.206.000)
QuickTime (Version: 7.69.80.9)
Readme (Version: 50.0.206.000)
RealPlayer Basic
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 2.06)
Recovery Software Suite eMachines (Version: 1.00.0000)
Road Runner Install
Road Runner Medic 6.1 (Version: 6.1.31)
Rosetta Stone Version 3 (Version: 3.4.7.0)
Samsung USB Driver (MCCI 4.34) WHQL v3.0 (Version: 4.34)
Satellite Direct v11.1.1.2
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
Scientific-Atlanta WebSTAR 2000 series Cable Modem
Segoe UI (Version: 14.0.4327.805)
Self-service Plug-in (Version: 3.3.0.27839)
Skype 5.10 (Version: 5.10.116)
Soft Data Fax Modem with SmartCP
SolutionCenter (Version: 50.0.152.000)
Sonic Encoders (Version: 1.00)
Status (Version: 53.0.13.000)
SyncBack
TeamViewer 4
TrayApp (Version: 53.0.13.000)
Unity Web Player (Version: 2.5.0f5_21627)
Unload (Version: 5.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
Viewpoint Media Player
VPN Client 32 5.0.07.0290 Cisco (Version: 5.0.7)
WD SmartWare (Version: 1.3.0.16)
Web Assistant 2.0.0.455
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
WildTangent Web Driver
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage Validation Tool
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 1405.41 MB
Available physical RAM: 655.81 MB
Total Pagefile: 1830.94 MB
Available Pagefile: 1161.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.11 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:143.75 GB) (Free:118.85 GB) NTFS
2 Drive d: () (Fixed) (Total:5.28 GB) (Free:3.41 GB) FAT32
7 Drive j: () (Fixed) (Total:28.62 GB) (Free:12.37 GB) NTFS

========================= Users: ========================================

User accounts for \\OURCOMPUTER

Administrator ASPNET Guest
HelpAssistant Sara SUPPORT_388945a0

========================= Restore Points ==================================

07-10-2012 06:22:51 System Checkpoint
07-10-2012 07:00:40 Software Distribution Service 3.0
18-10-2012 20:34:27 System Checkpoint
19-10-2012 07:00:52 Software Distribution Service 3.0
02-11-2012 12:21:34 System Checkpoint
04-11-2012 22:36:20 System Checkpoint
05-11-2012 23:05:15 System Checkpoint
08-11-2012 00:09:33 Software Distribution Service 3.0
11-11-2012 18:00:57 System Checkpoint
18-11-2012 00:59:22 Software Distribution Service 3.0
24-11-2012 14:35:52 System Checkpoint
25-11-2012 16:44:33 System Checkpoint
30-11-2012 18:47:27 System Checkpoint
09-12-2012 12:51:02 System Checkpoint
16-12-2012 13:06:34 Software Distribution Service 3.0
22-12-2012 18:47:58 Software Distribution Service 3.0
06-01-2013 14:04:19 Software Distribution Service 3.0
10-01-2013 21:37:38 Software Distribution Service 3.0
17-01-2013 23:26:05 Software Distribution Service 3.0
22-01-2013 23:07:59 Installed Java 7 Update 11

**** End of log ****

#10 sanpedsa

sanpedsa
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:01:48 PM

Posted 29 January 2013 - 11:38 PM

FSS results

Farbar Service Scanner Version: 16-01-2013
Ran by Sara (administrator) on 29-01-2013 at 23:37:15
Running from "C:\Documents and Settings\Sara\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.
Checking LEGACY_sharedaccess: ATTENTION!=====> Unable to open LEGACY_sharedaccess\0000 registry key. The key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
DNE(8) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

#11 sanpedsa

sanpedsa
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:01:48 PM

Posted 30 January 2013 - 11:51 AM

Adware cleaner locks up the computer. Tried it twice.
Now also getting a "Run dll" error on restart.
File location:
C:/Documents and Settings\Sara\Application Data\ilaet.dll

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:01:48 PM

Posted 30 January 2013 - 11:52 AM

We never finished our scans. Still need the remaining logs. Try to run ADWARE CLEANER from safe mode.

#13 sanpedsa

sanpedsa
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:01:48 PM

Posted 30 January 2013 - 12:14 PM

Working on getting into safe mode. PC seems to be one step ahead right now and not letting me do this stuff!

#14 sanpedsa

sanpedsa
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:01:48 PM

Posted 30 January 2013 - 12:26 PM

Got the PC into safe mode and ran the adware cleaner. It said I would get a log file on reboot, but none is generated. Is there a way to find it?

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:01:48 PM

Posted 30 January 2013 - 12:29 PM

Ignore it and move to next scan.



