
virus scan shows clean but folks are getting bogus emails


7 replies to this topic

#1 bhl


Posted 30 April 2013 - 05:58 PM

Today I received 5 emails in "response" to emails that I supposedly sent them. The emails I "sent" consisted of what were obviously malicious links.

I did a full scan with Kaspersky and it came up clean, though a while back it did catch an attack on JAVA, and the last time I ran JAVA update (last week) it told me that I had a corrupted file.

 

Puzzled...





#2 boopme


Posted 30 April 2013 - 06:12 PM

Hello and welcome..
Please change your Email password.


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

#3 bhl


Posted 01 May 2013 - 10:06 AM

Here is MiniToolBox log

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by user (administrator) on 01-05-2013 at 10:04:57
Running from "C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\T8BWIY6G"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8139 Family PCI Fast Ethernet NIC = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)

# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

popd
# End of interface IP configuration

 

Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : user-05b631aad8

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Local Area Connection:

 

        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC

        Physical Address. . . . . . . . . : 00-15-F2-13-ED-18

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 10.0.0.4

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 10.0.0.1

        DHCP Server . . . . . . . . . . . : 10.0.0.1

        DNS Servers . . . . . . . . . . . : 10.0.0.1

        Lease Obtained. . . . . . . . . . : Wednesday, May 01, 2013 8:26:48 AM

        Lease Expires . . . . . . . . . . : Thursday, May 02, 2013 8:26:48 AM

Server:  UnKnown
Address:  10.0.0.1

Name:    google.com
Addresses:  74.125.227.135, 74.125.227.142, 74.125.227.130, 74.125.227.132
   74.125.227.133, 74.125.227.137, 74.125.227.128, 74.125.227.129, 74.125.227.134
   74.125.227.136, 74.125.227.131

 

Pinging google.com [74.125.227.131] with 32 bytes of data:

 

Reply from 74.125.227.131: bytes=32 time=57ms TTL=54

Reply from 74.125.227.131: bytes=32 time=58ms TTL=54

 

Ping statistics for 74.125.227.131:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 57ms, Maximum = 58ms, Average = 57ms

Server:  UnKnown
Address:  10.0.0.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109

 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

 

Reply from 98.138.253.109: bytes=32 time=912ms TTL=52

Reply from 98.138.253.109: bytes=32 time=856ms TTL=49

 

Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 856ms, Maximum = 912ms, Average = 884ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 f2 13 ed 18 ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.4   20
         10.0.0.0    255.255.255.0         10.0.0.4        10.0.0.4   20
         10.0.0.4  255.255.255.255        127.0.0.1       127.0.0.1   20
   10.255.255.255  255.255.255.255         10.0.0.4        10.0.0.4   20
       23.0.48.29  255.255.255.255         10.0.0.1        10.0.0.4   20
       23.56.0.29  255.255.255.255         10.0.0.1        10.0.0.4   20
      50.56.4.164  255.255.255.255         10.0.0.1        10.0.0.4   20
    66.235.133.33  255.255.255.255         10.0.0.1        10.0.0.4   20
   66.235.139.110  255.255.255.255         10.0.0.1        10.0.0.4   20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      169.254.0.0      255.255.0.0         10.0.0.4        10.0.0.4   20
   206.46.232.195  255.255.255.255         10.0.0.1        10.0.0.4   20
        224.0.0.0        240.0.0.0         10.0.0.4        10.0.0.4   20
  255.255.255.255  255.255.255.255         10.0.0.4        10.0.0.4   1
Default Gateway:          10.0.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/30/2013 00:06:50 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   23 4.0.0.10.in-addr.arpa. PTR user-05b631aad8.local.

Error: (04/30/2013 00:06:50 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.4:5353   25 4.0.0.10.in-addr.arpa. PTR user-05b631aad8-2.local.

Error: (04/29/2013 09:48:29 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   23 5.0.0.10.in-addr.arpa. PTR user-05b631aad8.local.

Error: (04/29/2013 09:48:29 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.5:5353   25 5.0.0.10.in-addr.arpa. PTR user-05b631aad8-2.local.

Error: (04/29/2013 09:18:18 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   23 5.0.0.10.in-addr.arpa. PTR user-05b631aad8.local.

Error: (04/29/2013 09:18:18 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.5:5353   25 5.0.0.10.in-addr.arpa. PTR user-05b631aad8-2.local.

Error: (04/29/2013 11:50:18 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   23 2.0.0.10.in-addr.arpa. PTR user-05b631aad8.local.

Error: (04/29/2013 11:50:18 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.2:5353   25 2.0.0.10.in-addr.arpa. PTR user-05b631aad8-2.local.

Error: (04/28/2013 03:08:05 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   23 6.0.0.10.in-addr.arpa. PTR user-05b631aad8.local.

Error: (04/28/2013 03:08:05 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.6:5353   25 6.0.0.10.in-addr.arpa. PTR user-05b631aad8-2.local.

System errors:
=============
Error: (04/30/2013 05:07:01 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverJARVISNetBT_Tcpip_{9F1513E6-6053-410B-85

Error: (04/30/2013 03:58:15 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverJARVISNetBT_Tcpip_{9F1513E6-6053-410B-85

Error: (04/30/2013 02:58:05 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverJARVISNetBT_Tcpip_{9F1513E6-6053-410B-85

Error: (04/30/2013 01:46:02 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverJARVISNetBT_Tcpip_{9F1513E6-6053-410B-85

Error: (04/30/2013 00:06:17 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.5 for the Network Card with network address 0015F213ED18 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (04/29/2013 09:17:43 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.2 for the Network Card with network address 0015F213ED18 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (04/29/2013 01:09:53 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverJARVISNetBT_Tcpip_{9F1513E6-6053-410B-85

Error: (04/29/2013 11:55:50 AM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverJARVISNetBT_Tcpip_{9F1513E6-6053-410B-85

Error: (04/29/2013 11:49:43 AM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.6 for the Network Card with network address 0015F213ED18 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (04/29/2013 06:09:08 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the AVP service.

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.169)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Agere Systems PCI Soft Modem
aioscnnr (Version: 7.6.13.10)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.9.0)
Ask Toolbar Updater (Version: 1.2.3.29495)
ATI - Software Uninstall Utility (Version: 6.14.10.1022)
ATI Catalyst Control Center (Version: 2.010.0210.2338)
ATI Display Driver (Version: 8.593.100-100210a-095952E-ATI)
Bonjour (Version: 3.0.0.10)
C4USelfUpdater (Version: 1.00.0000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Full New (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Light (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2339.42455)
Catalyst Control Center HydraVision Full (Version: 2010.0210.2339.42455)
Catalyst Control Center Localization All (Version: 2010.0210.2339.42455)
CCC Help Chinese Standard (Version: 2010.0210.2338.42455)
CCC Help Chinese Traditional (Version: 2010.0210.2338.42455)
CCC Help Czech (Version: 2010.0210.2338.42455)
CCC Help Danish (Version: 2010.0210.2338.42455)
CCC Help Dutch (Version: 2010.0210.2338.42455)
CCC Help English (Version: 2010.0210.2338.42455)
CCC Help Finnish (Version: 2010.0210.2338.42455)
CCC Help French (Version: 2010.0210.2338.42455)
CCC Help German (Version: 2010.0210.2338.42455)
CCC Help Greek (Version: 2010.0210.2338.42455)
CCC Help Hungarian (Version: 2010.0210.2338.42455)
CCC Help Italian (Version: 2010.0210.2338.42455)
CCC Help Japanese (Version: 2010.0210.2338.42455)
CCC Help Korean (Version: 2010.0210.2338.42455)
CCC Help Norwegian (Version: 2010.0210.2338.42455)
CCC Help Polish (Version: 2010.0210.2338.42455)
CCC Help Portuguese (Version: 2010.0210.2338.42455)
CCC Help Russian (Version: 2010.0210.2338.42455)
CCC Help Spanish (Version: 2010.0210.2338.42455)
CCC Help Swedish (Version: 2010.0210.2338.42455)
CCC Help Thai (Version: 2010.0210.2338.42455)
CCC Help Turkish (Version: 2010.0210.2338.42455)
ccc-core-preinstall (Version: 2010.0210.2339.42455)
ccc-core-static (Version: 2010.0210.2339.42455)
ccc-utility (Version: 2010.0210.2339.42455)
center (Version: 7.7.2.0)
essentials (Version: 7.7.2.0)
File Uploader (Version: 1.2.1)
GIMP 2.6.12-2 (Version: 2.6.12)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 26.0.1410.64)
Google Update Helper (Version: 1.3.21.135)
H&R Block Deluxe + Efile + State 2012 (Version: 12.05.7803)
HiJackThis (Version: 1.0.0)
iLumina Gold (Version: 2.0)
Image Plugin (Version: 3.04.0226)
iTunes (Version: 11.0.1.12)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Kaspersky PURE 2.0 (Version: 12.0.2.733)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK AiO Software (Version: 7.7.4.0)
LSI PCI Soft Modem (Version: 2.2.98)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
Nikon Message Center (Version: 0.92.000)
Nikon RAW Codec (Version: 1.00.0000)
Nikon Transfer (Version: 1.5.0)
ocr (Version: 6.2.3.50)
Picture Control Utility (Version: 1.1.6)
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.9282)
QuickTime (Version: 7.73.80.64)
RawTherapee 3.0.1 (Version: 3.0.1.0)
Skins (Version: 2010.0210.2339.42455)
Skype Click to Call (Version: 6.8.12323)
Skype™ 6.3 (Version: 6.3.105)
Spyder2PRO
Stellarium 0.11.4 (Version: 0.11.4)
UFRaw 0.18
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
ViewNX (Version: 1.4.0)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 1982.48 MB
Available physical RAM: 1035.29 MB
Total Pagefile: 3870.68 MB
Available Pagefile: 2816 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.82 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.04 GB) (Free:64.49 GB) NTFS
8 Drive i: (New Volume) (Fixed) (Total:232.88 GB) (Free:172.1 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-05B631AAD8

Administrator            ASPNET                   Guest                   
HelpAssistant            SUPPORT_388945a0         user                    

**** End of log ****



#4 bhl


Posted 01 May 2013 - 10:10 AM

TDSS Killer report - 0 threats found

 

10:08:01.0437 3468  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:08:02.0062 3468  ============================================================
10:08:02.0062 3468  Current date / time: 2013/05/01 10:08:02.0062
10:08:02.0062 3468  SystemInfo:
10:08:02.0062 3468 
10:08:02.0062 3468  OS Version: 5.1.2600 ServicePack: 3.0
10:08:02.0062 3468  Product type: Workstation
10:08:02.0062 3468  ComputerName: USER-05B631AAD8
10:08:02.0062 3468  UserName: user
10:08:02.0062 3468  Windows directory: C:\WINDOWS
10:08:02.0062 3468  System windows directory: C:\WINDOWS
10:08:02.0062 3468  Processor architecture: Intel x86
10:08:02.0062 3468  Number of processors: 1
10:08:02.0062 3468  Page size: 0x1000
10:08:02.0062 3468  Boot type: Normal boot
10:08:02.0062 3468  ============================================================
10:08:03.0671 3468  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:08:03.0765 3468  Drive \Device\Harddisk5\DR6 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:08:03.0765 3468  ============================================================
10:08:03.0765 3468  \Device\Harddisk0\DR0:
10:08:03.0765 3468  MBR partitions:
10:08:03.0765 3468  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
10:08:03.0765 3468  \Device\Harddisk5\DR6:
10:08:03.0765 3468  MBR partitions:
10:08:03.0765 3468  \Device\Harddisk5\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
10:08:03.0765 3468  ============================================================
10:08:03.0781 3468  C: <-> \Device\Harddisk0\DR0\Partition1
10:08:04.0125 3468  I: <-> \Device\Harddisk5\DR6\Partition1
10:08:04.0125 3468  ============================================================
10:08:04.0125 3468  Initialize success
10:08:04.0125 3468  ============================================================
10:08:10.0781 4796  ============================================================
10:08:10.0781 4796  Scan started
10:08:10.0781 4796  Mode: Manual;
10:08:10.0781 4796  ============================================================
10:08:12.0906 4796  ================ Scan system memory ========================
10:08:12.0906 4796  Scan interrupted by user!
10:08:12.0906 4796  ================ Scan services =============================
10:08:12.0906 4796  Scan interrupted by user!
10:08:12.0906 4796  ================ Scan global ===============================
10:08:12.0906 4796  Scan interrupted by user!
10:08:12.0906 4796  ================ Scan MBR ==================================
10:08:12.0906 4796  Scan interrupted by user!
10:08:12.0906 4796  ================ Scan VBR ==================================
10:08:12.0906 4796  Scan interrupted by user!
10:08:12.0906 4796  ============================================================
10:08:12.0906 4796  Scan finished
10:08:12.0906 4796  ============================================================
10:08:12.0921 4432  Detected object count: 0
10:08:12.0921 4432  Actual detected object count: 0
10:08:28.0750 0392  ============================================================
10:08:28.0750 0392  Scan started
10:08:28.0750 0392  Mode: Manual; TDLFS;
10:08:28.0750 0392  ============================================================
10:08:29.0375 0392  ================ Scan system memory ========================
10:08:31.0062 0392  System memory - ok
10:08:31.0062 0392  ================ Scan services =============================
10:08:34.0000 0392  Disk - ok
10:08:34.0015 0392  dmadmin - ok
10:08:34.0078 0392  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:08:34.0093 0392  dmboot - ok
10:08:34.0109 0392  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:08:34.0109 0392  dmio - ok
10:08:34.0140 0392  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:08:34.0140 0392  dmload - ok
10:08:34.0171 0392  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:08:34.0171 0392  dmserver - ok
10:08:34.0218 0392  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:08:34.0218 0392  DMusic - ok
10:08:34.0250 0392  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:08:34.0250 0392  Dnscache - ok
10:08:34.0296 0392  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:08:34.0312 0392  Dot3svc - ok
10:08:34.0328 0392  dpti2o - ok
10:08:34.0328 0392  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:08:34.0343 0392  drmkaud - ok
10:08:34.0359 0392  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:08:34.0359 0392  EapHost - ok
10:08:34.0421 0392  [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
10:08:34.0437 0392  ehRecvr - ok
10:08:34.0468 0392  [ A53243709439AC2A4C216B817F8D7411 ] ehSched         C:\WINDOWS\eHome\ehSched.exe
10:08:34.0484 0392  ehSched - ok
10:08:34.0515 0392  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:08:34.0531 0392  ERSvc - ok
10:08:34.0562 0392  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
10:08:34.0578 0392  Eventlog - ok
10:08:34.0609 0392  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
10:08:34.0625 0392  EventSystem - ok
10:08:34.0640 0392  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:08:34.0640 0392  Fastfat - ok
10:08:34.0687 0392  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:08:34.0687 0392  FastUserSwitchingCompatibility - ok
10:08:34.0718 0392  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
10:08:34.0718 0392  Fdc - ok
10:08:34.0734 0392  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:08:34.0734 0392  Fips - ok
10:08:34.0750 0392  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:08:34.0765 0392  Flpydisk - ok
10:08:34.0781 0392  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:08:34.0781 0392  FltMgr - ok
10:08:34.0828 0392  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:08:34.0828 0392  FontCache3.0.0.0 - ok
10:08:34.0859 0392  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:08:34.0859 0392  Fs_Rec - ok
10:08:34.0875 0392  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:08:34.0890 0392  Ftdisk - ok
10:08:34.0921 0392  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:08:34.0921 0392  GEARAspiWDM - ok
10:08:34.0953 0392  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:08:34.0968 0392  Gpc - ok
10:08:35.0031 0392  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
10:08:35.0046 0392  gupdate - ok
10:08:35.0046 0392  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
10:08:35.0046 0392  gupdatem - ok
10:08:35.0234 0392  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:08:35.0234 0392  helpsvc - ok
10:08:35.0250 0392  HidServ - ok
10:08:35.0296 0392  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:08:35.0296 0392  hkmsvc - ok
10:08:35.0312 0392  hpn - ok
10:08:35.0359 0392  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:08:35.0375 0392  HTTP - ok
10:08:35.0406 0392  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:08:35.0406 0392  HTTPFilter - ok
10:08:35.0421 0392  i2omgmt - ok
10:08:35.0437 0392  i2omp - ok
10:08:35.0484 0392  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:08:35.0484 0392  i8042prt - ok
10:08:35.0531 0392  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:08:35.0531 0392  IDriverT - ok
10:08:35.0687 0392  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:08:35.0812 0392  idsvc - ok
10:08:35.0843 0392  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:08:35.0843 0392  Imapi - ok
10:08:35.0890 0392  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:08:35.0890 0392  ImapiService - ok
10:08:35.0906 0392  ini910u - ok
10:08:35.0921 0392  IntelIde - ok
10:08:35.0953 0392  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:08:35.0953 0392  Ip6Fw - ok
10:08:35.0984 0392  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:08:35.0984 0392  IpFilterDriver - ok
10:08:36.0000 0392  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:08:36.0000 0392  IpInIp - ok
10:08:36.0031 0392  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:08:36.0031 0392  IpNat - ok
10:08:36.0093 0392  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:08:36.0093 0392  iPod Service - ok
10:08:36.0125 0392  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:08:36.0125 0392  IPSec - ok
10:08:36.0140 0392  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:08:36.0156 0392  IRENUM - ok
10:08:36.0171 0392  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:08:36.0171 0392  isapnp - ok
10:08:36.0359 0392  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:08:36.0375 0392  JavaQuickStarterService - ok
10:08:36.0406 0392  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:08:36.0421 0392  Kbdclass - ok
10:08:36.0453 0392  [ F992818A90C8D79092EE72328968B141 ] KL1             C:\WINDOWS\system32\DRIVERS\kl1.sys
10:08:36.0453 0392  KL1 - ok
10:08:36.0484 0392  [ 7AAD8F20AF01797F0A3C61AB727214E1 ] kl2             C:\WINDOWS\system32\DRIVERS\kl2.sys
10:08:36.0484 0392  kl2 - ok
10:08:36.0515 0392  [ 47F6C0C75528CCD5104C6DDA23314367 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
10:08:36.0531 0392  KLIF - ok
10:08:36.0546 0392  [ 96A7EC308A93DA26DFE481308BAAC2A2 ] klim5           C:\WINDOWS\system32\DRIVERS\klim5.sys
10:08:36.0546 0392  klim5 - ok
10:08:36.0562 0392  [ 3959530F69E19DA56F1F24F2C89F1E2C ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
10:08:36.0562 0392  klmouflt - ok
10:08:36.0593 0392  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:08:36.0593 0392  kmixer - ok
10:08:36.0812 0392  [ 041CC860C3CC1C8073A64C3A3790591C ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
10:08:36.0828 0392  Kodak AiO Network Discovery Service - ok
10:08:36.0953 0392  [ E29F999616D7C08B0E91296908C47CAF ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
10:08:36.0968 0392  Kodak AiO Status Monitor Service - ok
10:08:37.0000 0392  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:08:37.0000 0392  KSecDD - ok
10:08:37.0031 0392  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:08:37.0031 0392  lanmanserver - ok
10:08:37.0078 0392  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:08:37.0078 0392  lanmanworkstation - ok
10:08:37.0125 0392  lbrtfdc - ok
10:08:37.0156 0392  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:08:37.0171 0392  LmHosts - ok
10:08:37.0203 0392  [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc         C:\WINDOWS\ehome\mcrdsvc.exe
10:08:37.0203 0392  McrdSvc - ok
10:08:37.0234 0392  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:08:37.0234 0392  Messenger - ok
10:08:37.0281 0392  [ B7521F69C0A9B29D356157229376FB21 ] MHN             C:\WINDOWS\System32\mhn.dll
10:08:37.0281 0392  MHN - ok
10:08:37.0296 0392  [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
10:08:37.0296 0392  MHNDRV - ok
10:08:37.0359 0392  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:08:37.0375 0392  Microsoft Office Groove Audit Service - ok
10:08:37.0453 0392  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:08:37.0453 0392  mnmdd - ok
10:08:37.0500 0392  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:08:37.0500 0392  mnmsrvc - ok
10:08:37.0546 0392  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:08:37.0546 0392  Modem - ok
10:08:37.0562 0392  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:08:37.0562 0392  Mouclass - ok
10:08:37.0593 0392  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:08:37.0609 0392  MountMgr - ok
10:08:37.0625 0392  mraid35x - ok
10:08:37.0640 0392  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:08:37.0656 0392  MRxDAV - ok
10:08:37.0703 0392  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:08:37.0718 0392  MRxSmb - ok
10:08:37.0750 0392  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
10:08:37.0750 0392  MSDTC - ok
10:08:37.0765 0392  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:08:37.0765 0392  Msfs - ok
10:08:37.0781 0392  MSIServer - ok
10:08:37.0812 0392  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:08:37.0812 0392  MSKSSRV - ok
10:08:37.0828 0392  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:08:37.0828 0392  MSPCLOCK - ok
10:08:37.0859 0392  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:08:37.0859 0392  MSPQM - ok
10:08:37.0890 0392  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:08:37.0890 0392  mssmbios - ok
10:08:37.0921 0392  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
10:08:37.0937 0392  MSTEE - ok
10:08:37.0953 0392  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:08:37.0953 0392  Mup - ok
10:08:38.0015 0392  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:08:38.0015 0392  NABTSFEC - ok
10:08:38.0062 0392  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:08:38.0062 0392  napagent - ok
10:08:38.0093 0392  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:08:38.0109 0392  NDIS - ok
10:08:38.0125 0392  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:08:38.0125 0392  NdisIP - ok
10:08:38.0156 0392  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:08:38.0156 0392  NdisTapi - ok
10:08:38.0171 0392  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:08:38.0171 0392  Ndisuio - ok
10:08:38.0187 0392  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:08:38.0187 0392  NdisWan - ok
10:08:38.0234 0392  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:08:38.0234 0392  NDProxy - ok
10:08:38.0234 0392  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:08:38.0250 0392  NetBIOS - ok
10:08:38.0265 0392  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:08:38.0265 0392  NetBT - ok
10:08:38.0312 0392  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:08:38.0312 0392  NetDDE - ok
10:08:38.0328 0392  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:08:38.0328 0392  NetDDEdsdm - ok
10:08:38.0375 0392  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:08:38.0375 0392  Netlogon - ok
10:08:38.0390 0392  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
10:08:38.0390 0392  Netman - ok
10:08:38.0453 0392  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:08:38.0468 0392  NetTcpPortSharing - ok
10:08:38.0500 0392  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:08:38.0500 0392  NIC1394 - ok
10:08:38.0515 0392  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:08:38.0515 0392  Nla - ok
10:08:38.0562 0392  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:08:38.0562 0392  Npfs - ok
10:08:38.0578 0392  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:08:38.0593 0392  Ntfs - ok
10:08:38.0593 0392  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:08:38.0593 0392  NtLmSsp - ok
10:08:38.0640 0392  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:08:38.0656 0392  NtmsSvc - ok
10:08:38.0687 0392  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:08:38.0687 0392  Null - ok
10:08:38.0718 0392  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:08:38.0718 0392  NwlnkFlt - ok
10:08:38.0734 0392  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:08:38.0734 0392  NwlnkFwd - ok
10:08:38.0843 0392  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:08:38.0859 0392  odserv - ok
10:08:38.0890 0392  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:08:38.0890 0392  ohci1394 - ok
10:08:38.0937 0392  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:08:38.0937 0392  ose - ok
10:08:38.0968 0392  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
10:08:38.0984 0392  Parport - ok
10:08:38.0984 0392  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:08:39.0000 0392  PartMgr - ok
10:08:39.0031 0392  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:08:39.0031 0392  ParVdm - ok
10:08:39.0046 0392  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:08:39.0046 0392  PCI - ok
10:08:39.0062 0392  PCIDump - ok
10:08:39.0062 0392  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:08:39.0062 0392  PCIIde - ok
10:08:39.0109 0392  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:08:39.0109 0392  Pcmcia - ok
10:08:39.0125 0392  PDCOMP - ok
10:08:39.0125 0392  PDFRAME - ok
10:08:39.0140 0392  PDRELI - ok
10:08:39.0156 0392  PDRFRAME - ok
10:08:39.0156 0392  perc2 - ok
10:08:39.0171 0392  perc2hib - ok
10:08:39.0218 0392  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:08:39.0218 0392  PlugPlay - ok
10:08:39.0234 0392  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:08:39.0234 0392  PolicyAgent - ok
10:08:39.0234 0392  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:08:39.0250 0392  PptpMiniport - ok
10:08:39.0265 0392  [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
10:08:39.0265 0392  Processor - ok
10:08:39.0281 0392  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:08:39.0281 0392  ProtectedStorage - ok
10:08:39.0281 0392  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:08:39.0296 0392  PSched - ok
10:08:39.0312 0392  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:08:39.0312 0392  Ptilink - ok
10:08:39.0328 0392  [ 617ACCADA2E0A0F43EC6030BBAC49513 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:08:39.0343 0392  PxHelp20 - ok
10:08:39.0343 0392  ql1080 - ok
10:08:39.0359 0392  Ql10wnt - ok
10:08:39.0375 0392  ql12160 - ok
10:08:39.0375 0392  ql1240 - ok
10:08:39.0390 0392  ql1280 - ok
10:08:39.0421 0392  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:08:39.0421 0392  RasAcd - ok
10:08:39.0453 0392  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:08:39.0453 0392  RasAuto - ok
10:08:39.0468 0392  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:08:39.0468 0392  Rasl2tp - ok
10:08:39.0515 0392  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:08:39.0515 0392  RasMan - ok
10:08:39.0531 0392  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:08:39.0531 0392  RasPppoe - ok
10:08:39.0546 0392  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:08:39.0546 0392  Raspti - ok
10:08:39.0578 0392  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:08:39.0578 0392  Rdbss - ok
10:08:39.0593 0392  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:08:39.0593 0392  RDPCDD - ok
10:08:39.0609 0392  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:08:39.0625 0392  rdpdr - ok
10:08:39.0656 0392  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
10:08:39.0656 0392  RDPWD - ok
10:08:39.0687 0392  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
10:08:39.0687 0392  RDSessMgr - ok
10:08:39.0718 0392  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:08:39.0718 0392  redbook - ok
10:08:39.0750 0392  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:08:39.0765 0392  RemoteAccess - ok
10:08:39.0796 0392  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:08:39.0796 0392  RemoteRegistry - ok
10:08:39.0812 0392  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:08:39.0812 0392  RpcLocator - ok
10:08:39.0843 0392  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:08:39.0843 0392  RpcSs - ok
10:08:39.0875 0392  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:08:39.0890 0392  RSVP - ok
10:08:39.0906 0392  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
10:08:39.0906 0392  rtl8139 - ok
10:08:39.0921 0392  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:08:39.0937 0392  SamSs - ok
10:08:39.0953 0392  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:08:39.0968 0392  SCardSvr - ok
10:08:40.0000 0392  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:08:40.0015 0392  Schedule - ok
10:08:40.0031 0392  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:08:40.0031 0392  Secdrv - ok
10:08:40.0062 0392  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:08:40.0062 0392  seclogon - ok
10:08:40.0093 0392  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
10:08:40.0093 0392  SENS - ok
10:08:40.0109 0392  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
10:08:40.0109 0392  Serial - ok
10:08:40.0140 0392  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:08:40.0140 0392  Sfloppy - ok
10:08:40.0156 0392  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:08:40.0171 0392  SharedAccess - ok
10:08:40.0187 0392  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:08:40.0187 0392  ShellHWDetection - ok
10:08:40.0203 0392  Simbad - ok
10:08:40.0484 0392  [ 0C1B2E3A897397738D9F81CD3D152AF0 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:08:40.0609 0392  Skype C2C Service - ok
10:08:40.0734 0392  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
10:08:40.0734 0392  SkypeUpdate - ok
10:08:40.0781 0392  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:08:40.0781 0392  SLIP - ok
10:08:40.0796 0392  Sparrow - ok
10:08:40.0843 0392  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:08:40.0843 0392  splitter - ok
10:08:40.0875 0392  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:08:40.0890 0392  Spooler - ok
10:08:40.0921 0392  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:08:40.0921 0392  sr - ok
10:08:40.0953 0392  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:08:40.0953 0392  srservice - ok
10:08:41.0015 0392  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:08:41.0031 0392  Srv - ok
10:08:41.0046 0392  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:08:41.0046 0392  SSDPSRV - ok
10:08:41.0093 0392  [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
10:08:41.0093 0392  StillCam - ok
10:08:41.0156 0392  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:08:41.0156 0392  stisvc - ok
10:08:41.0187 0392  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:08:41.0187 0392  streamip - ok
10:08:41.0218 0392  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:08:41.0218 0392  swenum - ok
10:08:41.0234 0392  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:08:41.0234 0392  swmidi - ok
10:08:41.0250 0392  SwPrv - ok
10:08:41.0265 0392  symc810 - ok
10:08:41.0265 0392  symc8xx - ok
10:08:41.0281 0392  sym_hi - ok
10:08:41.0296 0392  sym_u3 - ok
10:08:41.0328 0392  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:08:41.0328 0392  sysaudio - ok
10:08:41.0375 0392  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:08:41.0390 0392  SysmonLog - ok
10:08:41.0453 0392  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:08:41.0453 0392  TapiSrv - ok
10:08:41.0515 0392  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:08:41.0515 0392  Tcpip - ok
10:08:41.0546 0392  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
10:08:41.0546 0392  TDPIPE - ok
10:08:41.0562 0392  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
10:08:41.0562 0392  TDTCP - ok
10:08:41.0593 0392  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
10:08:41.0593 0392  TermDD - ok
10:08:41.0625 0392  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
10:08:41.0625 0392  TermService - ok
10:08:41.0656 0392  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:08:41.0656 0392  Themes - ok
10:08:41.0687 0392  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
10:08:41.0703 0392  TlntSvr - ok
10:08:41.0703 0392  TosIde - ok
10:08:41.0750 0392  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:08:41.0750 0392  TrkWks - ok
10:08:41.0796 0392  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:08:41.0796 0392  Udfs - ok
10:08:41.0812 0392  ultra - ok
10:08:41.0828 0392  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:08:41.0843 0392  Update - ok
10:08:41.0875 0392  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:08:41.0875 0392  upnphost - ok
10:08:41.0890 0392  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
10:08:41.0890 0392  UPS - ok
10:08:42.0046 0392  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
10:08:42.0046 0392  USBAAPL - ok
10:08:42.0078 0392  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
10:08:42.0078 0392  usbaudio - ok
10:08:42.0093 0392  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:08:42.0093 0392  usbccgp - ok
10:08:42.0125 0392  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:08:42.0125 0392  usbehci - ok
10:08:42.0140 0392  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:08:42.0140 0392  usbhub - ok
10:08:42.0156 0392  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:08:42.0156 0392  usbohci - ok
10:08:42.0203 0392  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:08:42.0203 0392  usbscan - ok
10:08:42.0218 0392  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:08:42.0218 0392  usbstor - ok
10:08:44.0062 0392  ============================================================
10:08:44.0062 0392  Scan finished
10:08:44.0062 0392  ============================================================
10:08:44.0078 5276  Detected object count: 0
10:08:44.0078 5276  Actual detected object count: 0
10:09:06.0968 5028  Deinitialize success
 



#5 bhl


Posted 01 May 2013 - 10:44 AM

AdwCleaner log

 

# AdwCleaner v2.300 - Logfile created 05/01/2013 at 10:12:10
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : user - USER-05B631AAD8
# Boot Mode : Normal
# Running from : C:\Documents and Settings\user\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\user\Application Data\DefaultTab
Folder Deleted : C:\Documents and Settings\user\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\user\My Documents\ShopToWin
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Shop To Win
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\user Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [8245 octets] - [01/05/2013 10:12:10]

########## EOF - C:\AdwCleaner[S1].txt - [8305 octets] ##########



#6 boopme


Posted 01 May 2013 - 01:45 PM

Uninstall this through Control Panel > Add/Remove

Java 7 Update 17 (Version: 7.0.170)

Reboot

Install the latest Version 7 Update 21

 

 

Let's see how it is now...



#7 bhl


Posted 02 May 2013 - 08:44 PM

it's all good.  thanks.



#8 boopme


Posted 02 May 2013 - 08:58 PM

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll back" to a clean working state.

The easiest and safest way to do this is:

  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:


  • Avoid gaming sites, pirated software, cracking tools, keygens (http://wiki.answers.com/Q/What_is_a_keygen), and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

  • Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:

