Slow system, flashing pop up ads, programs facebook, microsoft just shut down


18 replies to this topic

#1 redhot1n


Posted 17 April 2013 - 10:10 PM

I have worked with you guys before, so I had Malwarebytes on my system and I ran it yesterday. It picked up 8 issues and cleaned them, but my system is still running horribly slow... this is the log with the errors:

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.26.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Connie :: CONNIE-2F0A5CA4 [administrator]

4/15/2013 8:46:08 PM
mbam-log-2013-04-15 (20-46-08).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240705
Time elapsed: 36 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 7
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 8f2058de39bbf7f0a3645f725b9fa57e -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Documents and Settings\Connie\Application Data\SwvUpdater (PUP.Software.Updater) -> Quarantined and deleted successfully.

Files Detected: 4
C:\Documents and Settings\Connie\Application Data\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Documents and Settings\Connie\Application Data\SwvUpdater\Updater.xml (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Documents and Settings\Connie\Application Data\SwvUpdater\status.cfg (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Quarantined and deleted successfully.

 

 

 




 


#2 boopme


Posted 17 April 2013 - 10:45 PM

Welcome back... Let's also run these.

 

Please download TDSSkiller.
•Launch it.
•Click on "Change parameters" and select "TDLFS file system".
•Click on "Scan".
•Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.


>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the ESET Online Scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

 

 

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 redhot1n


Posted 17 April 2013 - 11:52 PM

Here is the TDSSkiller log

21:40:50.0328 3744  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:40:50.0906 3744  ============================================================
21:40:50.0906 3744  Current date / time: 2013/04/17 21:40:50.0906
21:40:50.0906 3744  SystemInfo:
21:40:50.0906 3744 
21:40:50.0906 3744  OS Version: 5.1.2600 ServicePack: 3.0
21:40:50.0906 3744  Product type: Workstation
21:40:50.0921 3744  ComputerName: CONNIE-2F0A5CA4
21:40:50.0921 3744  UserName: Connie
21:40:50.0921 3744  Windows directory: C:\WINDOWS
21:40:50.0921 3744  System windows directory: C:\WINDOWS
21:40:50.0921 3744  Processor architecture: Intel x86
21:40:50.0921 3744  Number of processors: 2
21:40:50.0921 3744  Page size: 0x1000
21:40:50.0921 3744  Boot type: Normal boot
21:40:50.0921 3744  ============================================================
21:40:53.0906 3744  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:40:53.0984 3744  ============================================================
21:40:53.0984 3744  \Device\Harddisk0\DR0:
21:40:53.0984 3744  MBR partitions:
21:40:53.0984 3744  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2738A, BlocksNum 0xD3D3382
21:40:54.0000 3744  ============================================================
21:40:54.0062 3744  C: <-> \Device\Harddisk0\DR0\Partition1
21:40:54.0062 3744  ============================================================
21:40:54.0062 3744  Initialize success
21:40:54.0062 3744  ============================================================
21:42:33.0781 3456  ============================================================
21:42:33.0781 3456  Scan started
21:42:33.0781 3456  Mode: Manual;
21:42:33.0781 3456  ============================================================
21:42:35.0906 3456  ================ Scan system memory ========================
21:42:35.0921 3456  System memory - ok
21:42:35.0921 3456  ================ Scan services =============================
21:42:35.0968 3456  Abiosdsk - ok
21:42:35.0984 3456  abp480n5 - ok
21:42:36.0046 3456  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:42:36.0046 3456  ACPI - ok
21:42:36.0109 3456  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
21:42:36.0109 3456  ACPIEC - ok
21:42:36.0218 3456  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:42:36.0218 3456  AdobeFlashPlayerUpdateSvc - ok
21:42:36.0234 3456  adpu160m - ok
21:42:36.0312 3456  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
21:42:36.0312 3456  aec - ok
21:42:36.0359 3456  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
21:42:36.0375 3456  AFD - ok
21:42:36.0375 3456  Aha154x - ok
21:42:36.0390 3456  aic78u2 - ok
21:42:36.0406 3456  aic78xx - ok
21:42:36.0468 3456  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
21:42:36.0468 3456  Alerter - ok
21:42:36.0500 3456  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
21:42:36.0500 3456  ALG - ok
21:42:36.0515 3456  AliIde - ok
21:42:36.0531 3456  amsint - ok
21:42:36.0640 3456  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:42:36.0640 3456  Apple Mobile Device - ok
21:42:36.0656 3456  AppMgmt - ok
21:42:36.0703 3456  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:42:36.0703 3456  Arp1394 - ok
21:42:36.0718 3456  asc - ok
21:42:36.0734 3456  asc3350p - ok
21:42:36.0750 3456  asc3550 - ok
21:42:36.0781 3456  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:42:36.0781 3456  AsyncMac - ok
21:42:36.0796 3456  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
21:42:36.0812 3456  atapi - ok
21:42:36.0828 3456  Atdisk - ok
21:42:36.0843 3456  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:42:36.0859 3456  Atmarpc - ok
21:42:36.0906 3456  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:42:36.0906 3456  AudioSrv - ok
21:42:36.0968 3456  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
21:42:36.0968 3456  audstub - ok
21:42:37.0093 3456  [ 9208C78BD9283F79A30252AD954C77A2 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
21:42:37.0125 3456  BCM43XX - ok
21:42:37.0156 3456  [ CD4646067CC7DCBA1907FA0ACF7E3966 ] bcm4sbxp        C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
21:42:37.0156 3456  bcm4sbxp - ok
21:42:37.0203 3456  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:42:37.0203 3456  Beep - ok
21:42:37.0281 3456  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:42:37.0328 3456  BITS - ok
21:42:37.0421 3456  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:42:37.0437 3456  Bonjour Service - ok
21:42:37.0500 3456  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
21:42:37.0500 3456  Browser - ok
21:42:37.0546 3456  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
21:42:37.0562 3456  cbidf2k - ok
21:42:37.0593 3456  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:42:37.0609 3456  CCDECODE - ok
21:42:37.0609 3456  cd20xrnt - ok
21:42:37.0656 3456  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
21:42:37.0656 3456  Cdaudio - ok
21:42:37.0671 3456  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:42:37.0671 3456  Cdfs - ok
21:42:37.0703 3456  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:42:37.0703 3456  Cdrom - ok
21:42:37.0734 3456  [ 84853B3FD012251690570E9E7E43343F ] cercsr6         C:\WINDOWS\system32\drivers\cercsr6.sys
21:42:37.0734 3456  cercsr6 - ok
21:42:37.0750 3456  Changer - ok
21:42:37.0812 3456  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
21:42:37.0812 3456  CiSvc - ok
21:42:37.0828 3456  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
21:42:37.0828 3456  ClipSrv - ok
21:42:37.0843 3456  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:42:37.0843 3456  CmBatt - ok
21:42:37.0859 3456  CmdIde - ok
21:42:37.0875 3456  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:42:37.0875 3456  Compbatt - ok
21:42:37.0890 3456  COMSysApp - ok
21:42:37.0921 3456  Cpqarray - ok
21:42:37.0937 3456  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:42:37.0937 3456  CryptSvc - ok
21:42:38.0000 3456  [ CB6FF7012BB5D59D7C12350DB795CE1F ] ctxusbm         C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
21:42:38.0000 3456  ctxusbm - ok
21:42:38.0015 3456  dac2w2k - ok
21:42:38.0031 3456  dac960nt - ok
21:42:38.0093 3456  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:42:38.0109 3456  DcomLaunch - ok
21:42:38.0156 3456  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:42:38.0171 3456  Dhcp - ok
21:42:38.0187 3456  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:42:38.0187 3456  Disk - ok
21:42:38.0203 3456  dmadmin - ok
21:42:38.0296 3456  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:42:38.0328 3456  dmboot - ok
21:42:38.0359 3456  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:42:38.0359 3456  dmio - ok
21:42:38.0390 3456  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:42:38.0390 3456  dmload - ok
21:42:38.0421 3456  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:42:38.0421 3456  dmserver - ok
21:42:38.0468 3456  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:42:38.0468 3456  DMusic - ok
21:42:38.0531 3456  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:42:38.0531 3456  Dnscache - ok
21:42:38.0578 3456  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:42:38.0578 3456  Dot3svc - ok
21:42:38.0593 3456  dpti2o - ok
21:42:38.0625 3456  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:42:38.0625 3456  drmkaud - ok
21:42:38.0656 3456  [ B2C3F71B86E25C3DF78339DDB40A7562 ] dsNcAdpt        C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys
21:42:38.0671 3456  dsNcAdpt - ok
21:42:38.0765 3456  [ E2FD9B848394F385E74D6137E1A7D95E ] dsNcService     C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
21:42:38.0781 3456  dsNcService - ok
21:42:38.0812 3456  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:42:38.0812 3456  EapHost - ok
21:42:38.0843 3456  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
21:42:38.0843 3456  ERSvc - ok
21:42:38.0875 3456  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
21:42:38.0875 3456  Eventlog - ok
21:42:38.0937 3456  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
21:42:38.0953 3456  EventSystem - ok
21:42:38.0968 3456  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
21:42:38.0984 3456  Fastfat - ok
21:42:39.0031 3456  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:42:39.0046 3456  FastUserSwitchingCompatibility - ok
21:42:39.0093 3456  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
21:42:39.0093 3456  Fdc - ok
21:42:39.0125 3456  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:42:39.0125 3456  Fips - ok
21:42:39.0140 3456  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
21:42:39.0140 3456  Flpydisk - ok
21:42:39.0187 3456  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:42:39.0187 3456  FltMgr - ok
21:42:39.0203 3456  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:42:39.0203 3456  Fs_Rec - ok
21:42:39.0218 3456  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:42:39.0234 3456  Ftdisk - ok
21:42:39.0250 3456  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:42:39.0265 3456  Gpc - ok
21:42:39.0281 3456  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:42:39.0296 3456  HDAudBus - ok
21:42:39.0390 3456  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:42:39.0390 3456  helpsvc - ok
21:42:39.0406 3456  HidServ - ok
21:42:39.0453 3456  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:42:39.0453 3456  hkmsvc - ok
21:42:39.0468 3456  hpn - ok
21:42:39.0609 3456  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:42:39.0625 3456  HTTP - ok
21:42:39.0656 3456  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:42:39.0671 3456  HTTPFilter - ok
21:42:39.0671 3456  i2omgmt - ok
21:42:39.0687 3456  i2omp - ok
21:42:39.0750 3456  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:42:39.0750 3456  i8042prt - ok
21:42:40.0046 3456  [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
21:42:40.0312 3456  ialm - ok
21:42:40.0453 3456  [ 54E0F4CCD6CE99A807459AF928DD64AC ] IJPLMSVC        C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
21:42:40.0468 3456  IJPLMSVC - ok
21:42:40.0500 3456  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
21:42:40.0500 3456  Imapi - ok
21:42:40.0562 3456  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:42:40.0578 3456  ImapiService - ok
21:42:40.0593 3456  ini910u - ok
21:42:40.0640 3456  IntelIde - ok
21:42:40.0703 3456  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:42:40.0703 3456  intelppm - ok
21:42:40.0718 3456  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
21:42:40.0734 3456  Ip6Fw - ok
21:42:40.0750 3456  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:42:40.0750 3456  IpFilterDriver - ok
21:42:40.0765 3456  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:42:40.0765 3456  IpInIp - ok
21:42:40.0828 3456  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:42:40.0828 3456  IpNat - ok
21:42:40.0859 3456  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:42:40.0859 3456  IPSec - ok
21:42:40.0875 3456  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:42:40.0875 3456  IRENUM - ok
21:42:40.0906 3456  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:42:40.0906 3456  isapnp - ok
21:42:41.0000 3456  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
21:42:41.0000 3456  JavaQuickStarterService - ok
21:42:41.0031 3456  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:42:41.0031 3456  Kbdclass - ok
21:42:41.0093 3456  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:42:41.0093 3456  kmixer - ok
21:42:41.0125 3456  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:42:41.0125 3456  KSecDD - ok
21:42:41.0171 3456  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
21:42:41.0171 3456  lanmanserver - ok
21:42:41.0234 3456  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:42:41.0234 3456  lanmanworkstation - ok
21:42:41.0250 3456  lbrtfdc - ok
21:42:41.0328 3456  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
21:42:41.0343 3456  LmHosts - ok
21:42:41.0390 3456  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
21:42:41.0390 3456  MBAMProtector - ok
21:42:41.0500 3456  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:42:41.0500 3456  MBAMScheduler - ok
21:42:41.0546 3456  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:42:41.0562 3456  MBAMService - ok
21:42:41.0609 3456  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
21:42:41.0609 3456  Messenger - ok
21:42:41.0656 3456  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
21:42:41.0656 3456  mnmdd - ok
21:42:41.0718 3456  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
21:42:41.0718 3456  mnmsrvc - ok
21:42:41.0781 3456  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
21:42:41.0781 3456  Modem - ok
21:42:41.0796 3456  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:42:41.0796 3456  Mouclass - ok
21:42:41.0812 3456  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:42:41.0828 3456  MountMgr - ok
21:42:41.0875 3456  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:42:41.0890 3456  MozillaMaintenance - ok
21:42:41.0906 3456  mraid35x - ok
21:42:41.0921 3456  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:42:41.0921 3456  MRxDAV - ok
21:42:42.0000 3456  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:42:42.0015 3456  MRxSmb - ok
21:42:42.0062 3456  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
21:42:42.0078 3456  MSDTC - ok
21:42:42.0093 3456  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:42:42.0093 3456  Msfs - ok
21:42:42.0109 3456  MSIServer - ok
21:42:42.0125 3456  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:42:42.0125 3456  MSKSSRV - ok
21:42:42.0171 3456  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:42:42.0171 3456  MSPCLOCK - ok
21:42:42.0171 3456  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:42:42.0187 3456  MSPQM - ok
21:42:42.0218 3456  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:42:42.0218 3456  mssmbios - ok
21:42:42.0234 3456  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
21:42:42.0234 3456  MSTEE - ok
21:42:42.0265 3456  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
21:42:42.0265 3456  Mup - ok
21:42:42.0328 3456  [ 622FCF264119F7DF127BE353F796B319 ] MyScrapNook_12Service C:\PROGRA~1\MYSCRA~2\bar\1.bin\12barsvc.exe
21:42:42.0328 3456  MyScrapNook_12Service - ok
21:42:42.0359 3456  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:42:42.0375 3456  NABTSFEC - ok
21:42:42.0421 3456  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:42:42.0437 3456  napagent - ok
21:42:42.0468 3456  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:42:42.0484 3456  NDIS - ok
21:42:42.0484 3456  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:42:42.0500 3456  NdisIP - ok
21:42:42.0546 3456  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:42:42.0546 3456  NdisTapi - ok
21:42:42.0593 3456  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:42:42.0609 3456  Ndisuio - ok
21:42:42.0625 3456  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:42:42.0625 3456  NdisWan - ok
21:42:42.0687 3456  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:42:42.0687 3456  NDProxy - ok
21:42:42.0703 3456  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:42:42.0703 3456  NetBIOS - ok
21:42:42.0734 3456  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:42:42.0750 3456  NetBT - ok
21:42:42.0796 3456  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:42:42.0796 3456  NetDDE - ok
21:42:42.0812 3456  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:42:42.0828 3456  NetDDEdsdm - ok
21:42:42.0890 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:42:42.0890 3456  Netlogon - ok
21:42:42.0921 3456  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
21:42:42.0921 3456  Netman - ok
21:42:42.0953 3456  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:42:42.0953 3456  NIC1394 - ok
21:42:42.0984 3456  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
21:42:43.0000 3456  Nla - ok
21:42:43.0015 3456  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:42:43.0015 3456  Npfs - ok
21:42:43.0093 3456  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:42:43.0109 3456  Ntfs - ok
21:42:43.0125 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
21:42:43.0125 3456  NtLmSsp - ok
21:42:43.0203 3456  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
21:42:43.0234 3456  NtmsSvc - ok
21:42:43.0250 3456  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:42:43.0265 3456  Null - ok
21:42:43.0328 3456  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:42:43.0328 3456  NwlnkFlt - ok
21:42:43.0343 3456  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:42:43.0343 3456  NwlnkFwd - ok
21:42:43.0359 3456  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:42:43.0359 3456  ohci1394 - ok
21:42:43.0453 3456  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:42:43.0453 3456  ose - ok
21:42:43.0750 3456  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:42:43.0937 3456  osppsvc - ok
21:42:44.0000 3456  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
21:42:44.0000 3456  Parport - ok
21:42:44.0031 3456  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
21:42:44.0031 3456  PartMgr - ok
21:42:44.0078 3456  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:42:44.0078 3456  ParVdm - ok
21:42:44.0093 3456  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
21:42:44.0093 3456  PCI - ok
21:42:44.0109 3456  PCIDump - ok
21:42:44.0125 3456  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:42:44.0125 3456  PCIIde - ok
21:42:44.0140 3456  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
21:42:44.0140 3456  Pcmcia - ok
21:42:44.0156 3456  PDCOMP - ok
21:42:44.0171 3456  PDFRAME - ok
21:42:44.0187 3456  PDRELI - ok
21:42:44.0187 3456  PDRFRAME - ok
21:42:44.0203 3456  perc2 - ok
21:42:44.0218 3456  perc2hib - ok
21:42:44.0265 3456  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
21:42:44.0281 3456  PlugPlay - ok
21:42:44.0281 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
21:42:44.0296 3456  PolicyAgent - ok
21:42:44.0312 3456  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:42:44.0312 3456  PptpMiniport - ok
21:42:44.0328 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:42:44.0328 3456  ProtectedStorage - ok
21:42:44.0343 3456  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:42:44.0343 3456  PSched - ok
21:42:44.0390 3456  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:42:44.0390 3456  Ptilink - ok
21:42:44.0406 3456  ql1080 - ok
21:42:44.0421 3456  Ql10wnt - ok
21:42:44.0437 3456  ql12160 - ok
21:42:44.0437 3456  ql1240 - ok
21:42:44.0453 3456  ql1280 - ok
21:42:44.0484 3456  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:42:44.0484 3456  RasAcd - ok
21:42:44.0562 3456  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:42:44.0562 3456  RasAuto - ok
21:42:44.0593 3456  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:42:44.0609 3456  Rasl2tp - ok
21:42:44.0671 3456  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:42:44.0687 3456  RasMan - ok
21:42:44.0687 3456  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:42:44.0687 3456  RasPppoe - ok
21:42:44.0703 3456  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:42:44.0703 3456  Raspti - ok
21:42:44.0734 3456  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:42:44.0734 3456  Rdbss - ok
21:42:44.0750 3456  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:42:44.0750 3456  RDPCDD - ok
21:42:44.0828 3456  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
21:42:44.0828 3456  RDPWD - ok
21:42:44.0875 3456  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
21:42:44.0890 3456  RDSessMgr - ok
21:42:44.0953 3456  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
21:42:44.0968 3456  redbook - ok
21:42:45.0015 3456  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:42:45.0015 3456  RemoteAccess - ok
21:42:45.0031 3456  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:42:45.0031 3456  RpcLocator - ok
21:42:45.0062 3456  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:42:45.0093 3456  RpcSs - ok
21:42:45.0125 3456  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
21:42:45.0125 3456  RSVP - ok
21:42:45.0171 3456  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:42:45.0171 3456  SamSs - ok
21:42:45.0187 3456  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:42:45.0187 3456  SCardSvr - ok
21:42:45.0265 3456  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:42:45.0265 3456  Schedule - ok
21:42:45.0312 3456  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
21:42:45.0328 3456  sdbus - ok
21:42:45.0375 3456  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:42:45.0390 3456  Secdrv - ok
21:42:45.0421 3456  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:42:45.0421 3456  seclogon - ok
21:42:45.0453 3456  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
21:42:45.0468 3456  SENS - ok
21:42:45.0500 3456  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
21:42:45.0500 3456  Serial - ok
21:42:45.0515 3456  [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk         C:\WINDOWS\system32\DRIVERS\sffdisk.sys
21:42:45.0515 3456  sffdisk - ok
21:42:45.0531 3456  [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd         C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
21:42:45.0531 3456  sffp_sd - ok
21:42:45.0578 3456  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
21:42:45.0578 3456  Sfloppy - ok
21:42:45.0640 3456  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:42:45.0656 3456  SharedAccess - ok
21:42:45.0687 3456  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:42:45.0687 3456  ShellHWDetection - ok
21:42:45.0703 3456  Simbad - ok
21:42:45.0718 3456  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:42:45.0734 3456  SLIP - ok
21:42:45.0734 3456  Sparrow - ok
21:42:45.0796 3456  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:42:45.0796 3456  splitter - ok
21:42:45.0859 3456  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
21:42:45.0859 3456  Spooler - ok
21:42:45.0890 3456  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:42:45.0890 3456  sr - ok
21:42:45.0937 3456  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
21:42:45.0953 3456  srservice - ok
21:42:46.0015 3456  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:42:46.0015 3456  Srv - ok
21:42:46.0046 3456  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:42:46.0046 3456  SSDPSRV - ok
21:42:46.0171 3456  [ 951801DFB54D86F611F0AF47825476F9 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
21:42:46.0203 3456  STHDA - ok
21:42:46.0265 3456  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:42:46.0281 3456  stisvc - ok
21:42:46.0328 3456  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:42:46.0343 3456  streamip - ok
21:42:46.0390 3456  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:42:46.0390 3456  swenum - ok
21:42:46.0453 3456  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:42:46.0453 3456  swmidi - ok
21:42:46.0468 3456  SwPrv - ok
21:42:46.0484 3456  symc810 - ok
21:42:46.0500 3456  symc8xx - ok
21:42:46.0515 3456  sym_hi - ok
21:42:46.0531 3456  sym_u3 - ok
21:42:46.0562 3456  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:42:46.0562 3456  sysaudio - ok
21:42:46.0593 3456  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
21:42:46.0609 3456  SysmonLog - ok
21:42:46.0656 3456  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:42:46.0656 3456  TapiSrv - ok
21:42:46.0703 3456  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:42:46.0718 3456  Tcpip - ok
21:42:46.0781 3456  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:42:46.0781 3456  TDPIPE - ok
21:42:46.0781 3456  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
21:42:46.0796 3456  TDTCP - ok
21:42:46.0812 3456  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:42:46.0812 3456  TermDD - ok
21:42:46.0890 3456  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
21:42:46.0906 3456  TermService - ok
21:42:46.0921 3456  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:42:46.0937 3456  Themes - ok
21:42:46.0937 3456  TosIde - ok
21:42:46.0968 3456  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:42:46.0968 3456  TrkWks - ok
21:42:47.0000 3456  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:42:47.0000 3456  Udfs - ok
21:42:47.0015 3456  ultra - ok
21:42:47.0078 3456  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:42:47.0093 3456  Update - ok
21:42:47.0140 3456  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:42:47.0156 3456  upnphost - ok
21:42:47.0187 3456  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
21:42:47.0187 3456  UPS - ok
21:42:47.0250 3456  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:42:47.0250 3456  usbccgp - ok
21:42:47.0265 3456  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:42:47.0281 3456  usbehci - ok
21:42:47.0281 3456  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:42:47.0296 3456  usbhub - ok
21:42:47.0312 3456  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:42:47.0312 3456  USBSTOR - ok
21:42:47.0343 3456  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:42:47.0343 3456  usbuhci - ok
21:42:47.0375 3456  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
21:42:47.0390 3456  usbvideo - ok
21:42:47.0421 3456  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
21:42:47.0421 3456  VgaSave - ok
21:42:47.0437 3456  ViaIde - ok
21:42:47.0484 3456  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
21:42:47.0484 3456  VolSnap - ok
21:42:47.0562 3456  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
21:42:47.0578 3456  VSS - ok
21:42:47.0609 3456  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
21:42:47.0625 3456  W32Time - ok
21:42:47.0656 3456  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:42:47.0671 3456  Wanarp - ok
21:42:47.0671 3456  WDICA - ok
21:42:47.0703 3456  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:42:47.0703 3456  wdmaud - ok
21:42:47.0718 3456  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:42:47.0734 3456  WebClient - ok
21:42:47.0843 3456  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:42:47.0843 3456  winmgmt - ok
21:42:47.0875 3456  wltrysvc - ok
21:42:47.0921 3456  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
21:42:47.0921 3456  WmdmPmSN - ok
21:42:47.0968 3456  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:42:47.0968 3456  WmiAcpi - ok
21:42:48.0000 3456  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:42:48.0015 3456  WmiApSrv - ok
21:42:48.0062 3456  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:42:48.0078 3456  wscsvc - ok
21:42:48.0093 3456  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:42:48.0093 3456  WSTCODEC - ok
21:42:48.0156 3456  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:42:48.0156 3456  wuauserv - ok
21:42:48.0250 3456  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:42:48.0265 3456  WZCSVC - ok
21:42:48.0312 3456  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
21:42:48.0328 3456  xmlprov - ok
21:42:48.0359 3456  ================ Scan global ===============================
21:42:48.0421 3456  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:42:48.0453 3456  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
21:42:48.0484 3456  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
21:42:48.0531 3456  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:42:48.0531 3456  [Global] - ok
21:42:48.0531 3456  ================ Scan MBR ==================================
21:42:48.0562 3456  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:42:48.0859 3456  \Device\Harddisk0\DR0 - ok
21:42:48.0875 3456  ================ Scan VBR ==================================
21:42:48.0875 3456  [ 605B105164A97EDF1EF8F8BE6BAD9480 ] \Device\Harddisk0\DR0\Partition1
21:42:48.0875 3456  \Device\Harddisk0\DR0\Partition1 - ok
21:42:48.0875 3456  ============================================================
21:42:48.0875 3456  Scan finished
21:42:48.0875 3456  ============================================================
21:42:48.0906 0672  Detected object count: 0
21:42:48.0906 0672  Actual detected object count: 0
21:43:37.0843 0568  ============================================================
21:43:37.0843 0568  Scan started
21:43:37.0843 0568  Mode: Manual; TDLFS;
21:43:37.0843 0568  ============================================================
21:43:38.0031 0568  ================ Scan system memory ========================
21:43:38.0046 0568  System memory - ok
21:43:38.0046 0568  ================ Scan services =============================
21:43:38.0093 0568  Abiosdsk - ok
21:43:38.0109 0568  abp480n5 - ok
21:43:38.0171 0568  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:43:38.0171 0568  ACPI - ok
21:43:38.0234 0568  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
21:43:38.0234 0568  ACPIEC - ok
21:43:38.0343 0568  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:43:38.0359 0568  AdobeFlashPlayerUpdateSvc - ok
21:43:38.0359 0568  adpu160m - ok
21:43:38.0437 0568  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
21:43:38.0437 0568  aec - ok
21:43:38.0484 0568  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
21:43:38.0484 0568  AFD - ok
21:43:38.0500 0568  Aha154x - ok
21:43:38.0515 0568  aic78u2 - ok
21:43:38.0531 0568  aic78xx - ok
21:43:38.0578 0568  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
21:43:38.0578 0568  Alerter - ok
21:43:38.0609 0568  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
21:43:38.0609 0568  ALG - ok
21:43:38.0625 0568  AliIde - ok
21:43:38.0640 0568  amsint - ok
21:43:38.0734 0568  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:43:38.0750 0568  Apple Mobile Device - ok
21:43:38.0750 0568  AppMgmt - ok
21:43:38.0796 0568  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:43:38.0796 0568  Arp1394 - ok
21:43:38.0812 0568  asc - ok
21:43:38.0828 0568  asc3350p - ok
21:43:38.0843 0568  asc3550 - ok
21:43:38.0875 0568  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:43:38.0875 0568  AsyncMac - ok
21:43:38.0906 0568  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
21:43:38.0906 0568  atapi - ok
21:43:38.0921 0568  Atdisk - ok
21:43:38.0953 0568  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:43:38.0953 0568  Atmarpc - ok
21:43:39.0000 0568  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:43:39.0000 0568  AudioSrv - ok
21:43:39.0046 0568  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
21:43:39.0046 0568  audstub - ok
21:43:39.0171 0568  [ 9208C78BD9283F79A30252AD954C77A2 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
21:43:39.0203 0568  BCM43XX - ok
21:43:39.0234 0568  [ CD4646067CC7DCBA1907FA0ACF7E3966 ] bcm4sbxp        C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
21:43:39.0234 0568  bcm4sbxp - ok
21:43:39.0281 0568  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:43:39.0281 0568  Beep - ok
21:43:39.0359 0568  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:43:39.0375 0568  BITS - ok
21:43:39.0484 0568  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:43:39.0500 0568  Bonjour Service - ok
21:43:39.0546 0568  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
21:43:39.0562 0568  Browser - ok
21:43:39.0609 0568  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
21:43:39.0609 0568  cbidf2k - ok
21:43:39.0625 0568  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:43:39.0625 0568  CCDECODE - ok
21:43:39.0640 0568  cd20xrnt - ok
21:43:39.0656 0568  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
21:43:39.0656 0568  Cdaudio - ok
21:43:39.0687 0568  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:43:39.0687 0568  Cdfs - ok
21:43:39.0703 0568  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:43:39.0703 0568  Cdrom - ok
21:43:39.0734 0568  [ 84853B3FD012251690570E9E7E43343F ] cercsr6         C:\WINDOWS\system32\drivers\cercsr6.sys
21:43:39.0734 0568  cercsr6 - ok
21:43:39.0750 0568  Changer - ok
21:43:39.0781 0568  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
21:43:39.0781 0568  CiSvc - ok
21:43:39.0796 0568  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
21:43:39.0796 0568  ClipSrv - ok
21:43:39.0812 0568  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:43:39.0812 0568  CmBatt - ok
21:43:39.0828 0568  CmdIde - ok
21:43:39.0859 0568  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:43:39.0859 0568  Compbatt - ok
21:43:39.0875 0568  COMSysApp - ok
21:43:39.0890 0568  Cpqarray - ok
21:43:39.0937 0568  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:43:39.0937 0568  CryptSvc - ok
21:43:39.0984 0568  [ CB6FF7012BB5D59D7C12350DB795CE1F ] ctxusbm         C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
21:43:40.0000 0568  ctxusbm - ok
21:43:40.0000 0568  dac2w2k - ok
21:43:40.0015 0568  dac960nt - ok
21:43:40.0078 0568  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:43:40.0093 0568  DcomLaunch - ok
21:43:40.0125 0568  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:43:40.0125 0568  Dhcp - ok
21:43:40.0140 0568  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:43:40.0140 0568  Disk - ok
21:43:40.0156 0568  dmadmin - ok
21:43:40.0203 0568  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:43:40.0234 0568  dmboot - ok
21:43:40.0250 0568  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:43:40.0250 0568  dmio - ok
21:43:40.0296 0568  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:43:40.0296 0568  dmload - ok
21:43:40.0312 0568  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:43:40.0328 0568  dmserver - ok
21:43:40.0359 0568  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:43:40.0359 0568  DMusic - ok
21:43:40.0421 0568  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:43:40.0421 0568  Dnscache - ok
21:43:40.0484 0568  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:43:40.0484 0568  Dot3svc - ok
21:43:40.0500 0568  dpti2o - ok
21:43:40.0515 0568  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:43:40.0515 0568  drmkaud - ok
21:43:40.0546 0568  [ B2C3F71B86E25C3DF78339DDB40A7562 ] dsNcAdpt        C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys
21:43:40.0546 0568  dsNcAdpt - ok
21:43:40.0656 0568  [ E2FD9B848394F385E74D6137E1A7D95E ] dsNcService     C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
21:43:40.0671 0568  dsNcService - ok
21:43:40.0703 0568  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:43:40.0703 0568  EapHost - ok
21:43:40.0734 0568  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
21:43:40.0734 0568  ERSvc - ok
21:43:40.0765 0568  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
21:43:40.0765 0568  Eventlog - ok
21:43:40.0828 0568  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
21:43:40.0843 0568  EventSystem - ok
21:43:40.0859 0568  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
21:43:40.0859 0568  Fastfat - ok
21:43:40.0921 0568  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:43:40.0937 0568  FastUserSwitchingCompatibility - ok
21:43:40.0984 0568  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
21:43:40.0984 0568  Fdc - ok
21:43:41.0000 0568  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:43:41.0000 0568  Fips - ok
21:43:41.0015 0568  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
21:43:41.0015 0568  Flpydisk - ok
21:43:41.0062 0568  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:43:41.0078 0568  FltMgr - ok
21:43:41.0078 0568  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:43:41.0078 0568  Fs_Rec - ok
21:43:41.0093 0568  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:43:41.0109 0568  Ftdisk - ok
21:43:41.0125 0568  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:43:41.0125 0568  Gpc - ok
21:43:41.0156 0568  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:43:41.0156 0568  HDAudBus - ok
21:43:41.0265 0568  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:43:41.0265 0568  helpsvc - ok
21:43:41.0265 0568  HidServ - ok
21:43:41.0328 0568  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:43:41.0328 0568  hkmsvc - ok
21:43:41.0343 0568  hpn - ok
21:43:41.0406 0568  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:43:41.0406 0568  HTTP - ok
21:43:41.0437 0568  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:43:41.0437 0568  HTTPFilter - ok
21:43:41.0453 0568  i2omgmt - ok
21:43:41.0468 0568  i2omp - ok
21:43:41.0515 0568  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:43:41.0531 0568  i8042prt - ok
21:43:41.0828 0568  [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
21:43:41.0953 0568  ialm - ok
21:43:42.0093 0568  [ 54E0F4CCD6CE99A807459AF928DD64AC ] IJPLMSVC        C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
21:43:42.0093 0568  IJPLMSVC - ok
21:43:42.0125 0568  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
21:43:42.0125 0568  Imapi - ok
21:43:42.0187 0568  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:43:42.0187 0568  ImapiService - ok
21:43:42.0203 0568  ini910u - ok
21:43:42.0234 0568  IntelIde - ok
21:43:42.0281 0568  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:43:42.0281 0568  intelppm - ok
21:43:42.0296 0568  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
21:43:42.0312 0568  Ip6Fw - ok
21:43:42.0328 0568  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:43:42.0328 0568  IpFilterDriver - ok
21:43:42.0343 0568  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:43:42.0343 0568  IpInIp - ok
21:43:42.0406 0568  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:43:42.0406 0568  IpNat - ok
21:43:42.0437 0568  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:43:42.0437 0568  IPSec - ok
21:43:42.0453 0568  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:43:42.0453 0568  IRENUM - ok
21:43:42.0484 0568  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:43:42.0484 0568  isapnp - ok
21:43:42.0578 0568  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
21:43:42.0578 0568  JavaQuickStarterService - ok
21:43:42.0593 0568  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:43:42.0609 0568  Kbdclass - ok
21:43:42.0656 0568  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:43:42.0656 0568  kmixer - ok
21:43:42.0687 0568  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:43:42.0703 0568  KSecDD - ok
21:43:42.0734 0568  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
21:43:42.0750 0568  lanmanserver - ok
21:43:42.0796 0568  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:43:42.0812 0568  lanmanworkstation - ok
21:43:42.0812 0568  lbrtfdc - ok
21:43:42.0875 0568  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
21:43:42.0890 0568  LmHosts - ok
21:43:42.0921 0568  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
21:43:42.0937 0568  MBAMProtector - ok
21:43:43.0046 0568  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:43:43.0062 0568  MBAMScheduler - ok
21:43:43.0109 0568  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:43:43.0140 0568  MBAMService - ok
21:43:43.0156 0568  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
21:43:43.0171 0568  Messenger - ok
21:43:43.0203 0568  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
21:43:43.0203 0568  mnmdd - ok
21:43:43.0250 0568  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
21:43:43.0250 0568  mnmsrvc - ok
21:43:43.0296 0568  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
21:43:43.0296 0568  Modem - ok
21:43:43.0328 0568  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:43:43.0328 0568  Mouclass - ok
21:43:43.0343 0568  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:43:43.0343 0568  MountMgr - ok
21:43:43.0406 0568  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:43:43.0406 0568  MozillaMaintenance - ok
21:43:43.0421 0568  mraid35x - ok
21:43:43.0437 0568  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:43:43.0437 0568  MRxDAV - ok
21:43:43.0515 0568  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:43:43.0531 0568  MRxSmb - ok
21:43:43.0562 0568  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
21:43:43.0578 0568  MSDTC - ok
21:43:43.0578 0568  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:43:43.0593 0568  Msfs - ok
21:43:43.0593 0568  MSIServer - ok
21:43:43.0609 0568  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:43:43.0609 0568  MSKSSRV - ok
21:43:43.0625 0568  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:43:43.0625 0568  MSPCLOCK - ok
21:43:43.0640 0568  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:43:43.0640 0568  MSPQM - ok
21:43:43.0687 0568  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:43:43.0703 0568  mssmbios - ok
21:43:43.0718 0568  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
21:43:43.0718 0568  MSTEE - ok
21:43:43.0750 0568  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
21:43:43.0750 0568  Mup - ok
21:43:43.0812 0568  [ 622FCF264119F7DF127BE353F796B319 ] MyScrapNook_12Service C:\PROGRA~1\MYSCRA~2\bar\1.bin\12barsvc.exe
21:43:43.0812 0568  MyScrapNook_12Service - ok
21:43:43.0859 0568  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:43:43.0875 0568  NABTSFEC - ok
21:43:43.0921 0568  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:43:43.0937 0568  napagent - ok
21:43:43.0968 0568  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:43:43.0984 0568  NDIS - ok
21:43:44.0000 0568  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:43:44.0000 0568  NdisIP - ok
21:43:44.0046 0568  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:43:44.0046 0568  NdisTapi - ok
21:43:44.0062 0568  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:43:44.0078 0568  Ndisuio - ok
21:43:44.0078 0568  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:43:44.0093 0568  NdisWan - ok
21:43:44.0140 0568  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:43:44.0140 0568  NDProxy - ok
21:43:44.0156 0568  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:43:44.0156 0568  NetBIOS - ok
21:43:44.0218 0568  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:43:44.0218 0568  NetBT - ok
21:43:44.0281 0568  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:43:44.0281 0568  NetDDE - ok
21:43:44.0296 0568  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:43:44.0296 0568  NetDDEdsdm - ok
21:43:44.0343 0568  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:43:44.0359 0568  Netlogon - ok
21:43:44.0390 0568  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
21:43:44.0390 0568  Netman - ok
21:43:44.0421 0568  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:43:44.0421 0568  NIC1394 - ok
21:43:44.0453 0568  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
21:43:44.0453 0568  Nla - ok
21:43:49.0390 0568  ================ Scan global ===============================
21:43:49.0437 0568  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:43:49.0484 0568  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
21:43:49.0500 0568  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
21:43:49.0546 0568  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:43:49.0562 0568  [Global] - ok
21:43:49.0562 0568  ================ Scan MBR ==================================
21:43:49.0593 0568  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:43:49.0937 0568  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:43:49.0937 0568  \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:43:49.0937 0568  ================ Scan VBR ==================================
21:43:49.0953 0568  [ 605B105164A97EDF1EF8F8BE6BAD9480 ] \Device\Harddisk0\DR0\Partition1
21:43:49.0953 0568  \Device\Harddisk0\DR0\Partition1 - ok
21:43:49.0953 0568  ============================================================
21:43:49.0953 0568  Scan finished
21:43:49.0953 0568  ============================================================
21:43:49.0968 1900  Detected object count: 1
21:43:49.0968 1900  Actual detected object count: 1
 



#4 redhot1n


Posted 18 April 2013 - 12:30 AM

When trying to run AdwCleaner, the program clocks, freezes, and stops responding. It also freezes my system so I can't do anything, requiring a hard boot and forcing me to just power off.

#5 redhot1n


Posted 18 April 2013 - 05:22 AM

C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\AD5\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\AD5\BIT3.tmp a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Documents and Settings\Connie\Local Settings\Application Data\Updater26278\Updater26278.exe a variant of Win32/Toolbar.CrossRider.C application cleaned by deleting - quarantined
C:\Documents and Settings\Connie\Local Settings\Temp\ApnStub.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Documents and Settings\Connie\Local Settings\Temp\SolidSavings.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Connie\My Documents\Avery Templates\Business Card Wide.exe a variant of Win32/Bundled.Toolbar.Ask.C application cleaned by deleting - quarantined
C:\Documents and Settings\Connie\My Documents\Avery Templates\round label.exe a variant of Win32/Bundled.Toolbar.Ask.C application cleaned by deleting - quarantined
C:\Program Files\MyScrapNook_12\bar\1.bin\12datact.dll a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files\MyScrapNook_12\bar\1.bin\12htmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined
C:\Program Files\MyScrapNook_12\bar\1.bin\12ieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\MyScrapNook_12\bar\1.bin\12skin.dll a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\Program Files\MyScrapNook_12\bar\1.bin\T8HTML.DLL probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined
C:\Program Files\Solid Savings\Solid Savings.dll a variant of Win32/Toolbar.CrossRider.A application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Solid Savings\Uninstall.exe multiple threats cleaned by deleting - quarantined
Operating memory a variant of Win32/Toolbar.CrossRider.A application contained infected files
 



#6 redhot1n


Posted 18 April 2013 - 05:29 AM

MiniToolBox by Farbar  Version:05-03-2013
Ran by Connie (administrator) on 18-04-2013 at 03:27:10
Running from "C:\Documents and Settings\Connie\Local Settings\Temporary Internet Files\Content.IE5\VZMGB9EV"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Dell Wireless 1395 WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Network Connect Adapter"

set address name="Network Connect Adapter" source=dhcp
set dns name="Network Connect Adapter" source=dhcp register=PRIMARY
set wins name="Network Connect Adapter" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration

 


Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : connie-2f0a5ca4

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : hsd1.ut.comcast.net.

 

Ethernet adapter Local Area Connection:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

        Physical Address. . . . . . . . . : 00-1D-09-B4-B9-DF

 

Ethernet adapter Network Connect Adapter:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter

        Physical Address. . . . . . . . . : 00-FF-88-F4-CC-86

 

Ethernet adapter Wireless Network Connection:

 

        Connection-specific DNS Suffix  . : hsd1.ut.comcast.net.

        Description . . . . . . . . . . . : Dell Wireless 1395 WLAN Mini-Card

        Physical Address. . . . . . . . . : 00-16-44-71-61-A2

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.134

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 75.75.76.76

                                            75.75.75.75

        Lease Obtained. . . . . . . . . . : Wednesday, April 17, 2013 10:18:15 PM

        Lease Expires . . . . . . . . . . : Thursday, April 18, 2013 10:18:15 PM

Server:  cdns02.comcast.net
Address:  75.75.76.76

Name:    google.com
Addresses:  74.125.224.130, 74.125.224.135, 74.125.224.134, 74.125.224.131
   74.125.224.136, 74.125.224.137, 74.125.224.132, 74.125.224.128, 74.125.224.129
   74.125.224.142, 74.125.224.133

 

Pinging google.com [74.125.224.73] with 32 bytes of data:

 

Reply from 74.125.224.73: bytes=32 time=40ms TTL=55

Reply from 74.125.224.73: bytes=32 time=42ms TTL=55

 

Ping statistics for 74.125.224.73:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 40ms, Maximum = 42ms, Average = 41ms

Server:  cdns02.comcast.net
Address:  75.75.76.76

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

 

Reply from 98.139.183.24: bytes=32 time=384ms TTL=50

Reply from 98.139.183.24: bytes=32 time=368ms TTL=50

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 368ms, Maximum = 384ms, Average = 376ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 09 b4 b9 df ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 ff 88 f4 cc 86 ...... Juniper Network Connect Virtual Adapter - Packet Scheduler Miniport
0x4 ...00 16 44 71 61 a2 ...... Dell Wireless 1395 WLAN Mini-Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.134   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      169.254.0.0      255.255.0.0    192.168.1.134   192.168.1.134   20
      192.168.1.0    255.255.255.0    192.168.1.134   192.168.1.134   25
    192.168.1.134  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255    192.168.1.134   192.168.1.134   25
        224.0.0.0        240.0.0.0    192.168.1.134   192.168.1.134   25
  255.255.255.255  255.255.255.255    192.168.1.134   192.168.1.134   1
  255.255.255.255  255.255.255.255    192.168.1.134               2   1
  255.255.255.255  255.255.255.255    192.168.1.134               3   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/14/2013 01:08:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4000

Error: (04/14/2013 01:08:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4000

Error: (04/14/2013 01:08:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2013 01:08:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1969

Error: (04/14/2013 01:08:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1969

Error: (04/14/2013 01:08:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2013 00:44:58 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 19.0.2.4814, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/13/2013 02:48:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4141

Error: (04/13/2013 02:48:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4141

Error: (04/13/2013 02:48:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (04/17/2013 10:17:51 PM) (Source: Print) (User: NT AUTHORITY)
Description: Printer Microsoft XPS Document Writer failed to initialize because a suitable Microsoft XPS Document Writer driver could not be found.

Error: (04/17/2013 10:07:25 PM) (Source: Print) (User: NT AUTHORITY)
Description: Printer Microsoft XPS Document Writer failed to initialize because a suitable Microsoft XPS Document Writer driver could not be found.

Error: (04/17/2013 08:46:25 PM) (Source: Print) (User: NT AUTHORITY)
Description: Printer Microsoft XPS Document Writer failed to initialize because a suitable Microsoft XPS Document Writer driver could not be found.

Error: (04/16/2013 08:29:30 AM) (Source: Dhcp) (User: )
Description: The IP address lease 10.7.230.30 for the Network Card with network address 00FF08F02086 has been
denied by the DHCP server 10.7.239.251 (The DHCP Server sent a DHCPNACK message).

Error: (04/16/2013 08:19:35 AM) (Source: Dhcp) (User: )
Description: The IP address lease 10.7.225.187 for the Network Card with network address 00FF08F02086 has been
denied by the DHCP server 10.7.239.251 (The DHCP Server sent a DHCPNACK message).

Error: (04/16/2013 06:31:02 AM) (Source: DCOM) (User: CONNIE-2F0A5CA4)
Description: Unable to start a DCOM Server: {28DD3979-0566-4ED3-9B14-1548B3187491}.
The error:
"%%2"
Happened while starting this command:
u u A

Error: (04/15/2013 09:26:32 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (04/15/2013 07:54:22 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (04/15/2013 07:54:22 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (04/15/2013 07:54:22 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (04/14/2013 01:08:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4000

Error: (04/14/2013 01:08:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4000

Error: (04/14/2013 01:08:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2013 01:08:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1969

Error: (04/14/2013 01:08:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1969

Error: (04/14/2013 01:08:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2013 00:44:58 PM) (Source: Application Hang)(User: )
Description: firefox.exe19.0.2.4814hungapp0.0.0.000000000

Error: (04/13/2013 02:48:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4141

Error: (04/13/2013 02:48:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4141

Error: (04/13/2013 02:48:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Advanced Audio FX Engine
Advanced Video FX Engine
Akamai NetSession Interface
AntiLogger SDK version 1.5.6.849 (Version: 1.5.6.849)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Broadcom 440x 10/100 Integrated Controller (Version: 10.04.01)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 5.1
Canon MX430 series MP Drivers
Canon MX430 series On-screen Manual
Canon MX430 series User Registration
Canon My Printer
Canon Solution Menu EX
Canon Speed Dial Utility
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
Constant Guard Protection Suite (Version: 1.13.410.1)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Resource CD (Version: 1.00.0000)
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card Utility (Version: 4.170.77.13)
ESET Online Scanner v3
Games Bar A Toolbar (Version: 6.11.2.6)
Intel® Graphics Media Accelerator Driver
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Juniper Networks Host Checker (Version: 6.5.0.15991)
Juniper Networks Network Connect 6.5.0 (Version: 6.5.0.15991)
Juniper Networks Setup Client (Version: 2.1.4.7717)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 (Version: 2.0.50727)
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0 (Version: 3.0.04506.30)
Microsoft Download Manager (Version: 1.2.1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
MSXML 6.0 Parser (KB925673) (Version: 6.00.3888.0)
My Scrap Nook Toolbar
Norton Security Suite (Version: 20.1.0.24)
SigmaTel Audio (Version: 5.10.5210.0)
Solid Savings (Version: 1.26.153.1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Communication Foundation (Version: 3.0.04506.30)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Workflow Foundation (Version: 3.0.4203.2)
Windows XP Service Pack 3 (Version: 20080414.031525)
XML Paper Specification Shared Components Pack 1.0

========================= Memory info: ===================================

Percentage of memory in use: 92%
Total physical RAM: 1013.97 MB
Available physical RAM: 78 MB
Total Pagefile: 2441.39 MB
Available Pagefile: 1439.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.48 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:105.91 GB) (Free:88.36 GB) NTFS

========================= Users: ========================================

User accounts for \\CONNIE-2F0A5CA4

Administrator            Connie                   Guest                   
HelpAssistant            SUPPORT_388945a0        


**** End of log ****



#7 boopme

Posted 18 April 2013 - 09:24 AM

Hello.. there should be more at the end of the TDSS log after...
21:43:49.0953 0568  ============================================================
21:43:49.0968 1900  Detected object count: 1
21:43:49.0968 1900  Actual detected object count: 1

 
 
Try this instead of ADWcleaner or run both from Safe Mode with Networking.
 
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Edited by boopme, 18 April 2013 - 09:25 AM.


#8 redhot1n

Posted 18 April 2013 - 05:39 PM

21:43:49.0390 0568  ================ Scan global ===============================
21:43:49.0437 0568  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:43:49.0484 0568  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
21:43:49.0500 0568  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
21:43:49.0546 0568  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:43:49.0562 0568  [Global] - ok
21:43:49.0562 0568  ================ Scan MBR ==================================
21:43:49.0593 0568  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:43:49.0937 0568  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:43:49.0937 0568  \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:43:49.0937 0568  ================ Scan VBR ==================================
21:43:49.0953 0568  [ 605B105164A97EDF1EF8F8BE6BAD9480 ] \Device\Harddisk0\DR0\Partition1
21:43:49.0953 0568  \Device\Harddisk0\DR0\Partition1 - ok
21:43:49.0953 0568  ============================================================
21:43:49.0953 0568  Scan finished
21:43:49.0953 0568  ============================================================
21:43:49.0968 1900  Detected object count: 1
21:43:49.0968 1900  Actual detected object count: 1
21:53:33.0281 1900  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:53:33.0281 1900  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
21:53:40.0093 1296  Deinitialize success



#9 redhot1n

Posted 18 April 2013 - 06:08 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.5 (04.17.2013:1)
OS: Microsoft Windows XP x86
Ran by Connie on Thu 04/18/2013 at 15:52:52.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

 

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\cr_installer
Successfully deleted: [Registry Key] hkey_current_user\software\crossrider
Successfully deleted: [Registry Key] hkey_current_user\software\installedbrowserextensions
Successfully deleted: [Registry Key] hkey_current_user\software\pricegong
Successfully deleted: [Registry Key] hkey_current_user\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\menuext\&search
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026278.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026278.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026278.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026278.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0026278.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0026278.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0026278.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0026278.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3275393
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{11111111-1111-1111-1111-110211621178}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

 

~~~ Files

Successfully deleted: [File] "C:\end"

 

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Connie\Application Data\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\Connie\Application Data\pricegong"
Successfully deleted: [Folder] "C:\Documents and Settings\Connie\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Documents and Settings\Connie\Local Settings\Application Data\wajam"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\ask"

 

~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Connie\Application Data\mozilla\firefox\profiles\ccqmv0ah.default\searchplugins\conduit.xml
Successfully deleted: [Folder] C:\Documents and Settings\Connie\Application Data\mozilla\firefox\profiles\ccqmv0ah.default\smartbar
Successfully deleted the following from C:\Documents and Settings\Connie\Application Data\mozilla\firefox\profiles\ccqmv0ah.default\prefs.js

user_pref("CT3275393.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3275393&SearchSource=2&CUI=UN18847367841881413&UM=2&q=");
user_pref("CT3275393.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm
user_pref("CT3275393.hxxp___freeridegames_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9sbD0wLHZzY3JvbGw9MCx0aXRsZWJhcj0xLGNsb3NlYnV0dG9uPTEsc2F2ZXJlc2l6ZWRza
user_pref("CT3275393.installId", "conduitinstaller.exe");
user_pref("CT3275393.installType", "conduitnsisintegration");
user_pref("CT3275393.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3275393&octid=CT3275393&SearchSource=15&CUI=UN188473678418814
user_pref("CT3275393.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnN
user_pref("CT3275393.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHM
user_pref("CT3275393.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmll
user_pref("CT3275393.search.searchAppId", "10000002");
user_pref("CT3275393.search.searchCount", "0");
user_pref("CT3275393.smartbar.CTID", "CT3275393");
user_pref("CT3275393.smartbar.Uninstall", "0");
user_pref("CT3275393.smartbar.homepage", true);
user_pref("CT3275393.smartbar.toolbarName", "Games Bar A ");
user_pref("CT3275393.toolbarNotificationQueue.enc", "W3siYXBwIjoiMTMwMDE0OTcwNDU5MjA0MzQ2MCIsImFyZ3MiOnsidGl0bGUiOiJNeSBHYW1lcyIsImNoYW5uZWwiOnsidXJsIjoiaHR0cDovL2ZyZWVyaWRlZ2
user_pref("CT3275393.toolbarNotificationSettings.enc", "eyJzZW5kTm90aWZpY2F0aW9ucyI6eyJhbGwiOnRydWUsImFwcHMiOnsiMTMwMDE0OTcwNDU5MjA0MzQ2Ijp7InNob3ciOnRydWUsImFwcE5hbWUiOiJNeSB
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3275393&CUI=UN18847367841881413&UM=2&SearchSource=13");
user_pref("Smartbar.ConduitSearchEngineList", "Games Bar A Customized Web Search");
user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3275393&SearchSource=2&CUI=UN18847367841881413&UM=2&q=");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3275393");
user_pref("browser.search.defaultthis.engineName", "Games Bar A Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3275393&CUI=UN18847367841881413&UM=2&SearchSource=3&q={searchTerms}");
user_pref("browser.search.selectedEngine", "Games Bar A Customized Web Search");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3275393&CUI=UN18847367841881413&UM=2&SearchSource=13");
user_pref("extensions.crossriderapp26278.adsOldValue", 10);
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3275393&SearchSource=2&CUI=UN18847367841881413&UM=&q=");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3275393&octid=CT3275393&SearchSource=61&CUI=UN18847367841881413&UM=2&UP=SP39E86CB8-C004-4D3F-8630-
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3275393&SearchSource=2&CUI=UN18847367841881413&UM=2&q=,hxxp://search.condui
user_pref("smartbar.machineId", "NHI2MPE5ABQUME3YGCECPBMCEIQWYK2Y+JN2SX2TDW49K9GVYDDWJCSTTJNDPHZBEEDZ5+G3PC5CWS46SYMJRG");
user_pref("smartbar.originalHomepage", "hxxp://www.google.com/");
user_pref("smartbar.originalSearchAddressUrl", "");
user_pref("smartbar.originalSearchEngine", "Google");

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 04/18/2013 at 16:00:29.46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#10 boopme

Posted 18 April 2013 - 07:09 PM

How is it running now?
 
Let's also run MBAM....

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#11 redhot1n

Posted 18 April 2013 - 07:23 PM

Since running the junkware removal..it allowed me to run the adware...here is the log...it seems to be running okay, but my internet proxy settings have to be changed every time I open a browser. I will follow the Malwarebytes instructions next.

 

Here is the adware log...

# AdwCleaner v2.200 - Logfile created 04/18/2013 at 17:11:41
# Updated 02/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Connie - CONNIE-2F0A5CA4
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Connie\Local Settings\Temporary Internet Files\Content.IE5\1EIHT07G\AdwCleaner[1].exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\Connie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Deleted on reboot : C:\Documents and Settings\Connie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Deleted on reboot : C:\Documents and Settings\Connie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Deleted on reboot : C:\Documents and Settings\Connie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Deleted on reboot : C:\Documents and Settings\Connie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
File Deleted : C:\DOCUME~1\Connie\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\Connie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Connie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
Folder Deleted : C:\DOCUME~1\Connie\LOCALS~1\Temp\CT3275393
Folder Deleted : C:\DOCUME~1\Connie\LOCALS~1\Temp\Wajam
Folder Deleted : C:\Documents and Settings\All Users\Application Data\APN
Folder Deleted : C:\Documents and Settings\Connie\Application Data\Mozilla\Firefox\Profiles\ccqmv0ah.default\CT3275393
Folder Deleted : C:\Documents and Settings\Connie\Application Data\Mozilla\Firefox\Profiles\ccqmv0ah.default\extensions\{a55bb532-2438-4ece-820e-3e2c86861893}
Folder Deleted : C:\Documents and Settings\Connie\Application Data\Mozilla\Firefox\Profiles\ccqmv0ah.default\Smartbar
Folder Deleted : C:\Documents and Settings\Connie\Local Settings\Application Data\Games_Bar_A
Folder Deleted : C:\Program Files\Games_Bar_A
Folder Deleted : C:\Program Files\MyScrapNook_12

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Games_Bar_A
Key Deleted : HKCU\Software\Google\Chrome\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0214754E-4E7D-4589-829D-E2523E6A3085}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{65F159FB-5F5E-46F4-B45D-CCFA236D2073}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE6F06FB-0FC0-4499-828F-EE48088F504F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0214754E-4E7D-4589-829D-E2523E6A3085}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{65F159FB-5F5E-46F4-B45D-CCFA236D2073}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9976DD51-3673-4E9E-B028-88A44490BDC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B3B5C47E-61F7-4D81-AF06-461FC86686CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE6F06FB-0FC0-4499-828F-EE48088F504F}
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0214754E-4E7D-4589-829D-E2523E6A3085}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{65F159FB-5F5E-46F4-B45D-CCFA236D2073}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9976DD51-3673-4E9E-B028-88A44490BDC9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE6F06FB-0FC0-4499-828F-EE48088F504F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\Software\Games_Bar_A
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6943D01A-B006-4523-84BA-8B45BFA8D610}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C969E231-323C-483A-9D21-B3F0D04A3889}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Games_Bar_A Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0214754E-4E7D-4589-829D-E2523E6A3085}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65F159FB-5F5E-46F4-B45D-CCFA236D2073}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9976DD51-3673-4E9E-B028-88A44490BDC9}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Games_Bar_A Toolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A55BB532-2438-4ECE-820E-3E2C86861893}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FE6F06FB-0FC0-4499-828F-EE48088F504F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55BB532-2438-4ECE-820E-3E2C86861893}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B3B5C47E-61F7-4D81-AF06-461FC86686CE}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A55BB532-2438-4ECE-820E-3E2C86861893}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE6F06FB-0FC0-4499-828F-EE48088F504F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Documents and Settings\Connie\Application Data\Mozilla\Firefox\Profiles\ccqmv0ah.default\prefs.js

Deleted : user_pref("CT3275393.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3275393.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3275393.FirstTime", "true");
Deleted : user_pref("CT3275393.FirstTimeFF3", "true");
Deleted : user_pref("CT3275393.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT327[...]
Deleted : user_pref("CT3275393.UserID", "UN02080202592968560");
Deleted : user_pref("CT3275393.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3275393.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3275393.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax[...]
Deleted : user_pref("CT3275393.enableFix404ByUser", "FALSE");
Deleted : user_pref("CT3275393.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3275393.fixPageNotFoundErrorByUser", "TRUE");
Deleted : user_pref("CT3275393.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3275393.fixUrls", true);
Deleted : user_pref("CT3275393.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3275393.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3275393.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3275393.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3275393.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3275393.keyword", true);
Deleted : user_pref("CT3275393.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.condui[...]
Deleted : user_pref("CT3275393.lastVersion", "10.15.0.562");
Deleted : user_pref("CT3275393.migrateAppsAndComponents", true);
Deleted : user_pref("CT3275393.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fus.data.toolbar.[...]
Deleted : user_pref("CT3275393.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"EMAIL_NOTIFIER\\\",\\\[...]
Deleted : user_pref("CT3275393.revertSettingsEnabled", "false");
Deleted : user_pref("CT3275393.search.searchAppId", "10000002");
Deleted : user_pref("CT3275393.search.searchCount", "0");
Deleted : user_pref("CT3275393.searchFromAddressBarEnabledByUser", "true");
Deleted : user_pref("CT3275393.searchInNewTabEnabledByUser", "true");
Deleted : user_pref("CT3275393.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3275393.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3275393.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3275393.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Deleted : user_pref("CT3275393.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3275393.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3275393.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3275393.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3275393.settingsINI", true);
Deleted : user_pref("CT3275393.showToolbarPermission", "false");
Deleted : user_pref("CT3275393.smartbar.CTID", "CT3275393");
Deleted : user_pref("CT3275393.smartbar.Uninstall", "0");
Deleted : user_pref("CT3275393.smartbar.homepage", true);
Deleted : user_pref("CT3275393.smartbar.toolbarName", "Games Bar A ");
Deleted : user_pref("CT3275393.toolbarBornServerTime", "18-4-2013");
Deleted : user_pref("CT3275393.toolbarCurrentServerTime", "18-4-2013");
Deleted : user_pref("CT3275393.toolbarLoginClientTime", "Thu Apr 18 2013 16:33:24 GMT-0700 (Pacific Daylight T[...]
Deleted : user_pref("CT3275393_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3275393&SearchSource=1[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Games Bar A Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3275393[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://search.yahoo.[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3275393");
Deleted : user_pref("browser.search.selectedEngine", "Games Bar A Customized Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3275393&SearchSource=13&CUI[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3275393&SearchSource=2&CU[...]
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3275393&CUI=UN188473678[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.originalHomepage", "data:text/plain,browser.startup.homepage=hxxp://search.yahoo[...]
Deleted : user_pref("smartbar.originalSearchAddressUrl", "data:text/plain,keyword.URL=hxxp://search.yahoo.com/[...]
Deleted : user_pref("smartbar.originalSearchEngine", false);

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Connie\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.2200] : homepage = "hxxp://search.conduit.com/?ctid=CT3275393&SearchSource=48&CUI=UN42909188091808185&UM[...]
Deleted [l.2442] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3275393&SearchSource=48&CUI[...]

*************************

AdwCleaner[S1].txt - [433 octets] - [17/04/2013 21:56:58]
AdwCleaner[S2].txt - [433 octets] - [17/04/2013 22:12:34]
AdwCleaner[S3].txt - [433 octets] - [18/04/2013 03:36:24]
AdwCleaner[S4].txt - [13392 octets] - [18/04/2013 17:11:42]

########## EOF - C:\AdwCleaner[S4].txt - [13453 octets] ##########



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,534 posts

Posted 18 April 2013 - 08:14 PM

If the proxy continues after the MBAM run:
Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:

Link 1
Link 2
Link 3
Link 4

• In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
• Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
• A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
• An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
• Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
• If nothing happens or if the tool does not run, please let me know in your next reply.

#13 redhot1n

redhot1n
  • Topic Starter

  • Members
  • 58 posts

Posted 19 April 2013 - 12:43 AM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.12.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Connie :: CONNIE-2F0A5CA4 [administrator]

Protection: Enabled

2/12/2013 6:52:16 AM
mbam-log-2013-02-12 (06-52-16).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 247493
Time elapsed: 48 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#14 boopme


Posted 19 April 2013 - 10:22 AM

See post 12

#15 redhot1n


Posted 19 April 2013 - 09:51 PM

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/19/2013 07:49:59 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\System32\WLTRYSVC.EXE (PID: 1680) [WD-HEUR]
 * C:\WINDOWS\System32\bcmwltry.exe (PID: 1696) [WD-HEUR]
 * C:\WINDOWS\system32\WLTRAY.exe (PID: 484) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 04/19/2013 07:50:39 PM
Execution time: 0 hours(s), 0 minute(s), and 39 seconds(s)





