FF Google Redirect - Windows XP SP3


11 replies to this topic

#1 bv2011

bv2011

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:16 PM

Posted 18 May 2013 - 07:46 PM

Hi again!



Hi - I have a laptop on which I am using Google as my default search engine in Firefox; however, the browser keeps redirecting. One of the most prominent pages it redirects to is a visitors survey page.

That is really the only issue I am having, but of course irritating.


I have run Malwarebytes, showing no infected files.


System:

Windows XP Home Edition Version 2002 SP3


Thank you.

I have been here before so I appreciate the help!

Donna

 




 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:16 PM

Posted 18 May 2013 - 07:59 PM

Hello and welcome. I moved this from XP to the Am I Infected forum.
 
Let's run these and see how it is after.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
 
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
>>>>>

Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results

>>>>>

 
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

Now I'd like us to scan your machine with ESET OnlineScan.

NOTE: Sometimes if ESET finds no infections it will not create a log.


Edited by boopme, 19 May 2013 - 07:13 PM.


#3 bv2011

bv2011
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:16 PM

Posted 18 May 2013 - 10:54 PM

Hi boopme!!

 

ESET found no infections. Should I uninstall and close?

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by chickie (administrator) on 18-05-2013 at 18:05:27
Running from "C:\Documents and Settings\chickie\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Disconnected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)
Intel® PRO/Wireless 2200BG Network Connection = Wireless Network Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

        Host Name . . . . . . . . . . . . : TEMP
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Broadcast
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : Yes
        DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : Belkin
        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
        Physical Address. . . . . . . . . : 00-0F-B0-A3-28-B2
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.2.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.2.1
        DHCP Server . . . . . . . . . . . : 192.168.2.1
        DNS Servers . . . . . . . . . . . : 192.168.2.1
        Lease Obtained. . . . . . . . . . : Saturday, May 18, 2013 5:59:04 PM
        Lease Expires . . . . . . . . . . : Monday, January 18, 2038 8:14:07 PM

Ethernet adapter Wireless Network Connection:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Intel® PRO/Wireless 2200BG Network Connection
        Physical Address. . . . . . . . . : 00-13-CE-A6-BD-FF

Server:  UnKnown
Address:  192.168.2.1

Name:    google.com
Addresses:  74.125.224.168, 74.125.224.169, 74.125.224.174, 74.125.224.160
      74.125.224.161, 74.125.224.162, 74.125.224.163, 74.125.224.164, 74.125.224.165
      74.125.224.166, 74.125.224.167

Pinging google.com [74.125.227.0] with 32 bytes of data:

Reply from 74.125.227.0: bytes=32 time=58ms TTL=52
Reply from 74.125.227.0: bytes=32 time=57ms TTL=52

Ping statistics for 74.125.227.0:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 57ms, Maximum = 58ms, Average = 57ms

Server:  UnKnown
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=84ms TTL=52
Reply from 98.138.253.109: bytes=32 time=81ms TTL=52

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 81ms, Maximum = 84ms, Average = 82ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0f b0 a3 28 b2 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
0x10004 ...00 13 ce a6 bd ff ...... Intel® PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.2      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.2.0    255.255.255.0      192.168.2.2     192.168.2.2      20
      192.168.2.2  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.2.255  255.255.255.255      192.168.2.2     192.168.2.2      20
        224.0.0.0        240.0.0.0      192.168.2.2     192.168.2.2      20
  255.255.255.255  255.255.255.255      192.168.2.2     192.168.2.2      1
  255.255.255.255  255.255.255.255      192.168.2.2           10004      1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/17/2013 00:03:43 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module wzcsvc.dll, version 5.1.2600.5512, fault address 0x0002d3ae.
Processing media-specific event for [svchost.exe!ws!]

Error: (05/16/2013 06:08:20 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module wzcsvc.dll, version 5.1.2600.5512, fault address 0x0002d3ae.
Processing media-specific event for [svchost.exe!ws!]

Error: (05/16/2013 02:44:17 PM) (Source: Application Hang) (User: )
Description: Hanging application soffice.bin, version 3.1.9398.500, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/13/2013 00:38:35 PM) (Source: PerfNet) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.

Error: (05/13/2013 00:36:20 PM) (Source: Ci) (User: )
Description: A content scan could not be completed on 8.0.0.0__b03f5f7f11d50a3a.

Error: (05/12/2013 05:00:53 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module wzcsvc.dll, version 5.1.2600.5512, fault address 0x0002d3ae.
Processing media-specific event for [svchost.exe!ws!]

Error: (05/12/2013 04:57:08 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1

Error: (05/12/2013 04:57:07 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 0x7eThe specified module could not be found.

Error: (05/12/2013 04:57:07 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1

Error: (05/12/2013 04:57:07 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 0x7eThe specified module could not be found.


System errors:
=============
Error: (05/18/2013 05:59:29 PM) (Source: 0) (User: )
Description: \Device\Scsi\iviVD1

Error: (05/18/2013 05:59:14 PM) (Source: Service Control Manager) (User: )
Description: The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).

Error: (05/18/2013 05:59:14 PM) (Source: Service Control Manager) (User: )
Description: The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error:
%%1058

Error: (05/18/2013 05:59:14 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058

Error: (05/18/2013 05:54:48 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (05/18/2013 05:54:48 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (05/18/2013 05:54:48 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (05/18/2013 05:54:48 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (05/18/2013 05:54:47 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (05/18/2013 05:54:47 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (05/17/2013 00:03:43 PM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512wzcsvc.dll5.1.2600.55120002d3ae

Error: (05/16/2013 06:08:20 PM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512wzcsvc.dll5.1.2600.55120002d3ae

Error: (05/16/2013 02:44:17 PM) (Source: Application Hang)(User: )
Description: soffice.bin3.1.9398.500hungapp0.0.0.000000000

Error: (05/13/2013 00:38:35 PM) (Source: PerfNet)(User: )
Description:

Error: (05/13/2013 00:36:20 PM) (Source: Ci)(User: )
Description: 8.0.0.0__b03f5f7f11d50a3a

Error: (05/12/2013 05:00:53 PM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512wzcsvc.dll5.1.2600.55120002d3ae

Error: (05/12/2013 04:57:08 PM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: 1

Error: (05/12/2013 04:57:07 PM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: 0x7eThe specified module could not be found.

Error: (05/12/2013 04:57:07 PM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: 1

Error: (05/12/2013 04:57:07 PM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: 0x7eThe specified module could not be found.


=========================== Installed Programs ============================

1600 (Version: 47.0.1.000)
1600_Help (Version: 47.1.14.000)
1600Trb (Version: 47.1.14.000)
32 Bit HP CIO Components Installer (Version: 3.1.1)
3Dice Casino
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 10 ActiveX (Version: 10.0.12.36)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe InDesign CS (Version: CS)
Adobe Shockwave Player (Version: 10.3.0.24)
AiO_Scan (Version: 47.0.1.000)
AiOSoftware (Version: 47.0.1.000)
ALPS Touch Pad Driver
AVSDK5 (Version: 5.2.9)
Bluetooth Stack for Windows by Toshiba (Version: v3.20.02)
BrickShooter 3.4
BufferChm (Version: 120.0.194.000)
C5500 (Version: 120.0.234.000)
CD/DVD Drive Acoustic Silencer (Version: 1.00.008)
Cda Product Service - shared component
Copy (Version: 45.4.157.000)
Corel Applications
CP_AtenaShokunin1Config (Version: 45.4.131.000)
cp_dwShrek2Albums1 (Version: 45.4.157.000)
cp_dwShrek2Cards1 (Version: 45.4.157.000)
Crazy Tetrix v.2.21
CreativeProjects (Version: 45.4.157.000)
CreativeProjectsTemplates (Version: 45.4.157.000)
Critical Update for Windows Media Player 11 (KB959772)
CueTour (Version: 45.4.157.000)
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 120.0.194.000)
DIGOpt (Version: 9.0.0917.2)
D-Link DWA-130 Wireless N USB Adapter (Version: )
DocProc (Version: 4.5.0.0)
DocumentViewer (Version: 45.4.157.000)
DrawPad 0.8
DVD-RAM Driver (Version: 5.0.1.8)
Extreme Charts and Simutrade Manager
Fax (Version: 47.0.1.000)
FileZilla Client 3.3.5.1 (Version: 3.3.5.1)
Full Tilt Poker (Version: 4.14.1.WIN.FullTilt.Real)
Google Toolbar for Internet Explorer
Google Update Helper (Version: 1.3.21.145)
GPBaseService2 (Version: 120.0.194.000)
HP Customer Participation Program 12.0 (Version: 12.0)
HP Image Zone 4.7 (Version: 4.7)
HP Imaging Device Functions 12.0 (Version: 12.0)
HP Photosmart C5500 All-In-One Driver Software 12.0 Rel .4 (Version: 12.0)
HP PSC & OfficeJet 4.7
HP Software Update (Version: 3.0.2.991)
HP Solution Center 12.0 (Version: 12.0)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
hpphotosmartdisclabelplugin (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 120.0.194.000)
HPSystemDiagnostics (Version: 1.6.0.0)
InstantShare (Version: 45.4.157.000)
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PROSet/Wireless Software
InterVideo WinDVD Creator 2 (Version: 2.0.14.368)
InterVideo WinDVD for TOSHIBA (Version: 5.0-B11.475)
J2SE Runtime Environment 5.0 Update 1 (Version: 1.5.0.10)
Macromedia Dreamweaver 3 (Version: 3)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 120.0.226.000)
mCore (Version: 1.23.0000)
mDrWiFi (Version: 1.23.0000)
mHelp (Version: 1.23.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Meeting 2005 (Version: 7.9.1709.0)
Microsoft Office Standard Edition 2003 (Version: 11.0.5614.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
mIWA (Version: 1.23.0000)
mIWCA (Version: 1.23.0000)
mLogView (Version: 1.23.0000)
mMHouse (Version: 1.23.0000)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
mPfMgr (Version: 1.23.0000)
mPfWiz (Version: 1.23.0000)
mProSafe (Version: 9.00.0000)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
mWlsSafe (Version: 9.00.0000)
mXML (Version: 1.23.0000)
MySQL Server 5.5 (Version: 5.5.10)
mZConfig (Version: 1.23.0000)
Notebook Maximizer
OpenOffice.org 3.1 (Version: 3.1.9399)
Optimal Desktop Prof. 2.0.108 (Version: 1.1.563)
PanoStandAlone (Version: 45.4.157.000)
PhotoGallery (Version: 45.4.157.000)
ProductContext (Version: 47.1.14.000)
PS_AIO_04_C5500_Software_Min (Version: 120.0.234.000)
Pure Networks Port Magic (Version: 1.2.1393.0)
QFolder (Version: 1.00.0000)
Quicken 2005 (Version: 14.00.0000)
QuickTime
RapidFinda (Version: 1.0)
Readme (Version: 47.0.1.000)
RealPlayer
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.70)
Revo Uninstaller 1.94 (Version: 1.94)
Samsung ML-2010 Series
Scan (Version: 12.0.0.0)
ScannerCopy (Version: 4.5.0.0)
SD Secure Module (Version: 1.0.2)
SkinsHP1 (Version: 45.4.157.000)
SolutionCenter (Version: 120.0.194.000)
Sonic DLA (Version: 4.98)
Sonic RecordNow! (Version: 7.31)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 120.0.194.000)
TD AMERITRADE StrategyDesk 1.1
Toolbox (Version: 120.0.194.000)
TOSHIBA Accessibility (Version: 1.32.0.2C)
TOSHIBA Assist
TOSHIBA ConfigFree (Version: 5.50.13)
TOSHIBA Controls (Version: 1.32.0.6C)
TOSHIBA Fn-esse (Version: 1.0.27.413C)
TOSHIBA Hardware Setup (Version: 1.32.0.7C)
TOSHIBA Hotkey Utility (Version: 1.32.0.4C)
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver (Version: 1.32.0.3C)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem (Version: 2.1.51 (SM2151ALD05))
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 1.32.0.2C)
Toshiba Tbiosdrv Driver
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility (Version: 1.32.0.4C)
TouchPad On/Off Utility (Version: 1.32.0.2C)
TrayApp (Version: 120.0.194.000)
Unload (Version: 4.5.0)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USB PC Camera 301P (Version: 1.00.000)
Utility Common Driver (Version: 1.32.0.4C)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 120.0.194.000)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0059.1)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Media Format 11 runtime
Windows Support Tools (Version: 5.1.2600.2180)
Windows XP Service Pack 3 (Version: 20080414.031525)
Yahoo! Browser Services
Yahoo! Internet Mail
Yahoo! Search Protection
ZSMC USB PC Camera Driver

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 1014.42 MB
Available physical RAM: 649.91 MB
Total Pagefile: 2443.87 MB
Available Pagefile: 2050.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.16 MB

========================= Partitions: =====================================

1 Drive c: (SQ003914) (Fixed) (Total:92.97 GB) (Free:55.42 GB) NTFS

========================= Users: ========================================

User accounts for \\TEMP

Administrator            ASPNET                   chickie                  
Dan                      Dennis                   Guest                    
HelpAssistant            SUPPORT_388945a0         


**** End of log ****









11:43:22.0312 0884  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:43:23.0046 0884  ============================================================
11:43:23.0062 0884  Current date / time: 2013/05/18 11:43:23.0046
11:43:23.0062 0884  SystemInfo:
11:43:23.0062 0884  
11:43:23.0062 0884  OS Version: 5.1.2600 ServicePack: 3.0
11:43:23.0062 0884  Product type: Workstation
11:43:23.0062 0884  ComputerName: TEMP
11:43:23.0062 0884  UserName: chickie
11:43:23.0062 0884  Windows directory: C:\WINDOWS
11:43:23.0062 0884  System windows directory: C:\WINDOWS
11:43:23.0062 0884  Processor architecture: Intel x86
11:43:23.0062 0884  Number of processors: 1
11:43:23.0062 0884  Page size: 0x1000
11:43:23.0062 0884  Boot type: Normal boot
11:43:23.0062 0884  ============================================================
11:43:24.0906 0884  Drive \Device\Harddisk0\DR0 - Size: 0x173E585200 (92.97 Gb), SectorSize: 0x200, Cylinders: 0x2F69, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:43:24.0906 0884  ============================================================
11:43:24.0906 0884  \Device\Harddisk0\DR0:
11:43:24.0906 0884  MBR partitions:
11:43:24.0906 0884  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xB9F2BEA
11:43:24.0906 0884  ============================================================
11:43:24.0953 0884  C: <-> \Device\Harddisk0\DR0\Partition1
11:43:24.0953 0884  ============================================================
11:43:24.0953 0884  Initialize success
11:43:24.0953 0884  ============================================================
11:44:17.0093 3800  ============================================================
11:44:17.0093 3800  Scan started
11:44:17.0093 3800  Mode: Manual; TDLFS;
11:44:17.0093 3800  ============================================================
11:44:17.0656 3800  ================ Scan system memory ========================
11:44:17.0656 3800  System memory - ok
11:44:17.0656 3800  ================ Scan services =============================
11:44:20.0828 3800  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
11:44:20.0843 3800  dmboot - ok
11:44:20.0890 3800  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
11:44:20.0906 3800  dmio - ok
11:44:20.0937 3800  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
11:44:20.0937 3800  dmload - ok
11:44:20.0984 3800  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
11:44:21.0000 3800  dmserver - ok
11:44:21.0015 3800  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
11:44:21.0031 3800  DMusic - ok
11:44:21.0078 3800  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
11:44:21.0078 3800  Dnscache - ok
11:44:21.0125 3800  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
11:44:21.0140 3800  Dot3svc - ok
11:44:21.0171 3800  [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] Dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
11:44:21.0187 3800  Dot4 - ok
11:44:21.0234 3800  [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print       C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
11:44:21.0234 3800  Dot4Print - ok
11:44:21.0281 3800  [ 0A57B5876530FEBB4EBF6AD501864F96 ] dot4ufd         C:\WINDOWS\system32\DRIVERS\hppaufd0.sys
11:44:21.0281 3800  dot4ufd - ok
11:44:21.0296 3800  dpti2o - ok
11:44:21.0328 3800  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
11:44:21.0328 3800  drmkaud - ok
11:44:21.0375 3800  [ 96BC8F872F0270C10EDC3931F1C03776 ] drvmcdb         C:\WINDOWS\system32\drivers\drvmcdb.sys
11:44:21.0375 3800  drvmcdb - ok
11:44:21.0421 3800  [ 5AFBEC7A6AC61B211633DFDB1D9E0C89 ] drvnddm         C:\WINDOWS\system32\drivers\drvnddm.sys
11:44:21.0421 3800  drvnddm - ok
11:44:21.0484 3800  [ C9FFBD6B8EDC46CD3D13E3C6DB914FB7 ] DVD-RAM_Service C:\WINDOWS\system32\DVDRAMSV.exe
11:44:21.0484 3800  DVD-RAM_Service - ok
11:44:21.0515 3800  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
11:44:21.0515 3800  EapHost - ok
11:44:21.0578 3800  [ D3D0EF132EB8F7351E0F6E8072E26331 ] EMSCR           C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
11:44:21.0578 3800  EMSCR - ok
11:44:21.0640 3800  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
11:44:21.0640 3800  ERSvc - ok
11:44:21.0656 3800  [ FCF25B9EB1876DBB3EFE13BAF37B7BF8 ] ESDCR           C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
11:44:21.0656 3800  ESDCR - ok
11:44:21.0671 3800  [ 7CEC9E3A81142EA0294F2ABBA0B0A846 ] ESMCR           C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
11:44:21.0671 3800  ESMCR - ok
11:44:21.0718 3800  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
11:44:21.0734 3800  Eventlog - ok
11:44:21.0812 3800  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\Es.dll
11:44:21.0828 3800  EventSystem - ok
11:44:21.0921 3800  [ 5AE75738B957C2064566007487D973B6 ] EvtEng          C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
11:44:21.0921 3800  EvtEng - ok
11:44:21.0953 3800  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
11:44:21.0968 3800  Fastfat - ok
11:44:22.0015 3800  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:44:22.0031 3800  FastUserSwitchingCompatibility - ok
11:44:22.0062 3800  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
11:44:22.0062 3800  Fdc - ok
11:44:22.0109 3800  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
11:44:22.0109 3800  Fips - ok
11:44:22.0125 3800  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
11:44:22.0125 3800  Flpydisk - ok
11:44:22.0156 3800  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
11:44:22.0156 3800  FltMgr - ok
11:44:22.0234 3800  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:44:22.0250 3800  FontCache3.0.0.0 - ok
11:44:22.0281 3800  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:44:22.0281 3800  Fs_Rec - ok
11:44:22.0328 3800  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:44:22.0328 3800  Ftdisk - ok
11:44:22.0375 3800  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:44:22.0375 3800  Gpc - ok
11:44:22.0500 3800  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
11:44:22.0500 3800  gupdate - ok
11:44:22.0515 3800  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
11:44:22.0515 3800  gupdatem - ok
11:44:22.0593 3800  [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:44:22.0593 3800  gusvc - ok
11:44:22.0656 3800  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:44:22.0656 3800  helpsvc - ok
11:44:22.0703 3800  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
11:44:22.0703 3800  HidServ - ok
11:44:22.0734 3800  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:44:22.0734 3800  HidUsb - ok
11:44:22.0812 3800  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
11:44:22.0812 3800  hkmsvc - ok
11:44:22.0828 3800  hpn - ok
11:44:22.0953 3800  [ CE0FCEC4D4D860F36D972759B11EAF0F ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
11:44:22.0968 3800  hpqcxs08 - ok
11:44:23.0000 3800  [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
11:44:23.0015 3800  hpqddsvc - ok
11:44:23.0046 3800  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:44:23.0046 3800  HPZid412 - ok
11:44:23.0078 3800  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:44:23.0078 3800  HPZipr12 - ok
11:44:23.0109 3800  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:44:23.0109 3800  HPZius12 - ok
11:44:23.0171 3800  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
11:44:23.0187 3800  HTTP - ok
11:44:23.0203 3800  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
11:44:23.0234 3800  HTTPFilter - ok
11:44:23.0250 3800  i2omgmt - ok
11:44:23.0265 3800  i2omp - ok
11:44:23.0296 3800  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:44:23.0296 3800  i8042prt - ok
11:44:23.0406 3800  [ D4405BD2B6E95EFDC8E674ED4032874F ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:44:23.0437 3800  ialm - ok
11:44:23.0531 3800  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:44:23.0562 3800  idsvc - ok
11:44:23.0578 3800  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
11:44:23.0578 3800  Imapi - ok
11:44:23.0625 3800  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
11:44:23.0625 3800  ImapiService - ok
11:44:23.0656 3800  ini910u - ok
11:44:23.0687 3800  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
11:44:23.0687 3800  IntelIde - ok
11:44:23.0718 3800  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:44:23.0718 3800  intelppm - ok
11:44:23.0750 3800  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
11:44:23.0750 3800  Ip6Fw - ok
11:44:23.0812 3800  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:44:23.0812 3800  IpFilterDriver - ok
11:44:23.0859 3800  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:44:23.0859 3800  IpInIp - ok
11:44:23.0906 3800  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:44:23.0906 3800  IpNat - ok
11:44:23.0937 3800  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:44:23.0937 3800  IPSec - ok
11:44:23.0968 3800  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
11:44:23.0968 3800  IRENUM - ok
11:44:23.0984 3800  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:44:23.0984 3800  isapnp - ok
11:44:24.0031 3800  [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys
11:44:24.0046 3800  Iviaspi - ok
11:44:24.0078 3800  [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8 ] iviVD           C:\WINDOWS\system32\DRIVERS\iviVD.sys
11:44:24.0078 3800  iviVD - ok
11:44:24.0156 3800  [ 872D090CA5C306F62D1982BCE6302376 ] IWCA            C:\WINDOWS\system32\DRIVERS\iwca.sys
11:44:24.0156 3800  IWCA - ok
11:44:24.0171 3800  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:44:24.0171 3800  Kbdclass - ok
11:44:24.0218 3800  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:44:24.0218 3800  kbdhid - ok
11:44:24.0250 3800  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
11:44:24.0265 3800  kmixer - ok
11:44:24.0312 3800  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
11:44:24.0312 3800  KSecDD - ok
11:44:24.0390 3800  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
11:44:24.0390 3800  lanmanserver - ok
11:44:24.0468 3800  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:44:24.0468 3800  lanmanworkstation - ok
11:44:24.0484 3800  lbrtfdc - ok
11:44:24.0546 3800  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
11:44:24.0546 3800  LmHosts - ok
11:44:24.0593 3800  [ 32933B07FC16D9F778BEE12545FA1B1A ] LPDSVC          C:\WINDOWS\system32\tcpsvcs.exe
11:44:24.0593 3800  LPDSVC - ok
11:44:24.0656 3800  [ 9E9306063ECD8AA91B3FB76678D3CEE2 ] LVUSBSta        C:\WINDOWS\system32\drivers\LVUSBSta.sys
11:44:24.0656 3800  LVUSBSta - ok
11:44:24.0703 3800  [ 4A5FFDF0FE830C448830BD4B02B02B4B ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
11:44:24.0703 3800  mbamchameleon - ok
11:44:24.0765 3800  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
11:44:24.0765 3800  MBAMProtector - ok
11:44:24.0828 3800  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:44:24.0843 3800  MBAMScheduler - ok
11:44:24.0921 3800  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:44:24.0937 3800  MBAMService - ok
11:44:24.0984 3800  [ 7EFAC183A25B30FB5D64CC9D484B1EB6 ] meiudf          C:\WINDOWS\system32\Drivers\meiudf.sys
11:44:24.0984 3800  meiudf - ok
11:44:25.0062 3800  [ 8239DC1DE1605730B595E2B7DB3CAF70 ] memcard         C:\WINDOWS\system32\DRIVERS\memcard.sys
11:44:25.0062 3800  memcard - ok
11:44:25.0109 3800  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
11:44:25.0109 3800  Messenger - ok
11:44:25.0171 3800  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
11:44:25.0171 3800  mnmdd - ok
11:44:25.0218 3800  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
11:44:25.0218 3800  mnmsrvc - ok
11:44:25.0265 3800  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
11:44:25.0265 3800  Modem - ok
11:44:25.0281 3800  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:44:25.0296 3800  Mouclass - ok
11:44:25.0359 3800  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:44:25.0359 3800  mouhid - ok
11:44:25.0421 3800  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
11:44:25.0421 3800  MountMgr - ok
11:44:25.0468 3800  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:44:25.0484 3800  MozillaMaintenance - ok
11:44:25.0484 3800  mraid35x - ok
11:44:25.0515 3800  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:44:25.0515 3800  MRxDAV - ok
11:44:25.0593 3800  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:44:25.0609 3800  MRxSmb - ok
11:44:25.0640 3800  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
11:44:25.0640 3800  MSDTC - ok
11:44:25.0656 3800  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
11:44:25.0656 3800  Msfs - ok
11:44:25.0671 3800  MSIServer - ok
11:44:25.0687 3800  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:44:25.0687 3800  MSKSSRV - ok
11:44:25.0718 3800  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:44:25.0718 3800  MSPCLOCK - ok
11:44:25.0734 3800  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
11:44:25.0750 3800  MSPQM - ok
11:44:25.0781 3800  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:44:25.0781 3800  mssmbios - ok
11:44:25.0812 3800  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
11:44:25.0828 3800  MSTEE - ok
11:44:25.0890 3800  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
11:44:25.0890 3800  Mup - ok
11:44:25.0937 3800  MySQL - ok
11:44:25.0968 3800  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:44:25.0968 3800  NABTSFEC - ok
11:44:26.0031 3800  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
11:44:26.0046 3800  napagent - ok
11:44:26.0078 3800  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
11:44:26.0093 3800  NDIS - ok
11:44:26.0125 3800  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:44:26.0125 3800  NdisIP - ok
11:44:26.0171 3800  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:44:26.0171 3800  NdisTapi - ok
11:44:26.0218 3800  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:44:26.0218 3800  Ndisuio - ok
11:44:26.0234 3800  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:44:26.0250 3800  NdisWan - ok
11:44:26.0281 3800  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
11:44:26.0281 3800  NDProxy - ok
11:44:26.0343 3800  [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
11:44:26.0343 3800  Net Driver HPZ12 - ok
11:44:26.0359 3800  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
11:44:26.0375 3800  NetBIOS - ok
11:44:26.0406 3800  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
11:44:26.0421 3800  NetBT - ok
11:44:26.0468 3800  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
11:44:26.0468 3800  NetDDE - ok
11:44:26.0484 3800  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
11:44:26.0484 3800  NetDDEdsdm - ok
11:44:26.0531 3800  [ 1265EB253ED4EBE4ACB3BD5F548FF796 ] Netdevio        C:\WINDOWS\system32\DRIVERS\netdevio.sys
11:44:26.0531 3800  Netdevio - ok
11:44:26.0578 3800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
11:44:26.0578 3800  Netlogon - ok
11:44:26.0609 3800  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
11:44:26.0625 3800  Netman - ok
11:44:26.0687 3800  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:44:26.0687 3800  NetTcpPortSharing - ok
11:44:26.0718 3800  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:44:26.0718 3800  NIC1394 - ok
11:44:26.0765 3800  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
11:44:26.0781 3800  Nla - ok
11:44:26.0812 3800  [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm              C:\WINDOWS\system32\DRIVERS\NMnt.sys
11:44:26.0812 3800  nm - ok
11:44:26.0859 3800  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
11:44:26.0859 3800  Npfs - ok
11:44:26.0906 3800  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
11:44:26.0921 3800  Ntfs - ok
11:44:26.0937 3800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
11:44:26.0937 3800  NtLmSsp - ok
11:44:27.0000 3800  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
11:44:27.0015 3800  NtmsSvc - ok
11:44:27.0062 3800  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
11:44:27.0062 3800  Null - ok
11:44:27.0109 3800  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:44:27.0109 3800  NwlnkFlt - ok
11:44:27.0140 3800  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:44:27.0140 3800  NwlnkFwd - ok
11:44:27.0156 3800  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:44:27.0156 3800  ohci1394 - ok
11:44:27.0250 3800  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:44:27.0250 3800  ose - ok
11:44:27.0296 3800  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
11:44:27.0296 3800  Parport - ok
11:44:27.0312 3800  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
11:44:27.0312 3800  PartMgr - ok
11:44:27.0375 3800  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
11:44:27.0375 3800  ParVdm - ok
11:44:27.0421 3800  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
11:44:27.0421 3800  PCI - ok
11:44:27.0437 3800  PCIDump - ok
11:44:27.0468 3800  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
11:44:27.0468 3800  PCIIde - ok
11:44:27.0500 3800  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:44:27.0515 3800  Pcmcia - ok
11:44:27.0531 3800  PDCOMP - ok
11:44:27.0546 3800  PDFRAME - ok
11:44:27.0546 3800  PDRELI - ok
11:44:27.0562 3800  PDRFRAME - ok
11:44:27.0578 3800  perc2 - ok
11:44:27.0593 3800  perc2hib - ok
11:44:27.0937 3800  [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart  C:\ComboFix\pev.3XE
11:44:27.0953 3800  PEVSystemStart - ok
11:44:27.0984 3800  [ 6C1618A07B49E3873582B6449E744088 ] Pfc             C:\WINDOWS\system32\drivers\pfc.sys
11:44:28.0000 3800  Pfc - ok
11:44:28.0109 3800  [ 0DA6C5E0C8DA6CEBE52DAACFE7AE9DE6 ] PID_PEPI        C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
11:44:28.0140 3800  PID_PEPI - ok
11:44:28.0187 3800  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
11:44:28.0187 3800  PlugPlay - ok
11:44:28.0250 3800  [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
11:44:28.0250 3800  Pml Driver HPZ12 - ok
11:44:28.0265 3800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
11:44:28.0281 3800  PolicyAgent - ok
11:44:28.0296 3800  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:44:28.0296 3800  PptpMiniport - ok
11:44:28.0312 3800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:44:28.0312 3800  ProtectedStorage - ok
11:44:28.0328 3800  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
11:44:28.0343 3800  PSched - ok
11:44:28.0375 3800  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:44:28.0375 3800  Ptilink - ok
11:44:28.0437 3800  [ 0AF65A778E8E3A651666EBB7F7CE7BFE ] pwi_bus         C:\WINDOWS\system32\DRIVERS\pwi_bus.sys
11:44:28.0437 3800  pwi_bus - ok
11:44:28.0468 3800  [ F6FD82B7E85290882E5AE1820CA2C447 ] pwi_mdfl        C:\WINDOWS\system32\DRIVERS\pwi_mdfl.sys
11:44:28.0468 3800  pwi_mdfl - ok
11:44:28.0515 3800  [ 78765D89D30D9E4886B6F4580E6B1F67 ] pwi_mdm         C:\WINDOWS\system32\DRIVERS\pwi_mdm.sys
11:44:28.0515 3800  pwi_mdm - ok
11:44:28.0546 3800  [ C671E19546554047C4EA8213695225A6 ] pwi_oflt        C:\WINDOWS\system32\DRIVERS\pwi_oflt.sys
11:44:28.0546 3800  pwi_oflt - ok
11:44:28.0578 3800  [ B1704382CF18B1AB3245537E5F7F9F23 ] pwi_serd        C:\WINDOWS\system32\DRIVERS\pwi_serd.sys
11:44:28.0578 3800  pwi_serd - ok
11:44:28.0625 3800  [ 81088114178112618B1C414A65E50F7C ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:44:28.0625 3800  PxHelp20 - ok
11:44:28.0640 3800  ql1080 - ok
11:44:28.0656 3800  Ql10wnt - ok
11:44:28.0671 3800  ql12160 - ok
11:44:28.0687 3800  ql1240 - ok
11:44:28.0703 3800  ql1280 - ok
11:44:28.0765 3800  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:44:28.0765 3800  RasAcd - ok
11:44:28.0828 3800  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
11:44:28.0828 3800  RasAuto - ok
11:44:28.0859 3800  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:44:28.0875 3800  Rasl2tp - ok
11:44:28.0937 3800  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
11:44:28.0953 3800  RasMan - ok
11:44:28.0968 3800  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:44:28.0968 3800  RasPppoe - ok
11:44:28.0984 3800  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
11:44:28.0984 3800  Raspti - ok
11:44:29.0046 3800  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:44:29.0062 3800  Rdbss - ok
11:44:29.0093 3800  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:44:29.0093 3800  RDPCDD - ok
11:44:29.0187 3800  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
11:44:29.0187 3800  RDPWD - ok
11:44:29.0234 3800  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
11:44:29.0234 3800  RDSessMgr - ok
11:44:29.0265 3800  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
11:44:29.0281 3800  redbook - ok
11:44:29.0343 3800  [ A7EEBA958CFCCADBD4F47C3CDB51C714 ] RegSrvc         C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
11:44:29.0343 3800  RegSrvc - ok
11:44:29.0406 3800  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:44:29.0421 3800  RemoteAccess - ok
11:44:29.0453 3800  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:44:29.0453 3800  RpcLocator - ok
11:44:29.0515 3800  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
11:44:29.0515 3800  RpcSs - ok
11:44:29.0578 3800  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
11:44:29.0578 3800  RSVP - ok
11:44:29.0625 3800  [ 7F0413BDD7D53EB4C7A371E7F6F84DF1 ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
11:44:29.0625 3800  RTL8023xp - ok
11:44:29.0687 3800  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
11:44:29.0687 3800  rtl8139 - ok
11:44:29.0765 3800  [ FD0A03C5E862E3C0BCF4E9438D1878F4 ] RTL8192su       C:\WINDOWS\system32\DRIVERS\RTL8192su.sys
11:44:29.0781 3800  RTL8192su - ok
11:44:29.0828 3800  [ 215DEEE103618F102263C8ECF4B8413E ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
11:44:29.0828 3800  S24EventMonitor - ok
11:44:29.0875 3800  [ 85A26A3BB748DFD3170CDBF45B0DD7FD ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys
11:44:29.0875 3800  s24trans - ok
11:44:29.0906 3800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
11:44:29.0906 3800  SamSs - ok
11:44:30.0015 3800  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:44:30.0015 3800  SASDIFSV - ok
11:44:30.0031 3800  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:44:30.0031 3800  SASKUTIL - ok
11:44:30.0062 3800  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
11:44:30.0078 3800  SCardSvr - ok
11:44:30.0125 3800  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:44:30.0140 3800  Schedule - ok
11:44:30.0218 3800  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
11:44:30.0218 3800  sdbus - ok
11:44:30.0265 3800  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:44:30.0281 3800  Secdrv - ok
11:44:30.0296 3800  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
11:44:30.0312 3800  seclogon - ok
11:44:30.0359 3800  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
11:44:30.0375 3800  SENS - ok
11:44:30.0421 3800  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
11:44:30.0437 3800  Serial - ok
11:44:30.0453 3800  [ C996C839A3261CAB5409C61E5702B620 ] SerTVOutCtlr    C:\WINDOWS\system32\drivers\EPIOMngr.sys
11:44:30.0468 3800  SerTVOutCtlr - ok
11:44:30.0515 3800  [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk         C:\WINDOWS\system32\DRIVERS\sffdisk.sys
11:44:30.0515 3800  sffdisk - ok
11:44:30.0546 3800  [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd         C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
11:44:30.0546 3800  sffp_sd - ok
11:44:30.0578 3800  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
11:44:30.0578 3800  Sfloppy - ok
11:44:30.0640 3800  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:44:30.0656 3800  SharedAccess - ok
11:44:30.0687 3800  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:44:30.0687 3800  ShellHWDetection - ok
11:44:30.0703 3800  Simbad - ok
11:44:30.0734 3800  [ 32933B07FC16D9F778BEE12545FA1B1A ] SimpTcp         C:\WINDOWS\system32\tcpsvcs.exe
11:44:30.0734 3800  SimpTcp - ok
11:44:30.0765 3800  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:44:30.0765 3800  SLIP - ok
11:44:30.0781 3800  SMNDIS5 - ok
11:44:30.0828 3800  [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP            C:\WINDOWS\System32\snmp.exe
11:44:30.0828 3800  SNMP - ok
11:44:35.0578 3800  ================ Scan global ===============================
11:44:35.0640 3800  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:44:35.0687 3800  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
11:44:35.0718 3800  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
11:44:35.0750 3800  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:44:35.0750 3800  [Global] - ok
11:44:35.0765 3800  ================ Scan MBR ==================================
11:44:35.0781 3800  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
11:44:36.0000 3800  \Device\Harddisk0\DR0 - ok
11:44:36.0000 3800  ================ Scan VBR ==================================
11:44:36.0015 3800  [ E4090479267553FB54CF4B342DC2018B ] \Device\Harddisk0\DR0\Partition1
11:44:36.0015 3800  \Device\Harddisk0\DR0\Partition1 - ok
11:44:36.0015 3800  ============================================================
11:44:36.0015 3800  Scan finished
11:44:36.0015 3800  ============================================================
11:44:36.0031 3628  Detected object count: 0
11:44:36.0031 3628  Actual detected object count: 0
11:44:40.0265 2784  Deinitialize success




# AdwCleaner v2.301 - Logfile created 05/18/2013 at 18:12:29
# Updated 16/05/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : chickie - TEMP
# Boot Mode : Normal
# Running from : C:\Documents and Settings\chickie\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.21335

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8khb8vq7.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\chickie\Application Data\Mozilla\Firefox\Profiles\5wcvudi8.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Dennis\Application Data\Mozilla\Firefox\Profiles\x4l821ed.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\11ukt2hu.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [13574 octets] - [16/05/2013 10:41:16]
AdwCleaner[S1].txt - [13886 octets] - [16/05/2013 10:43:52]
AdwCleaner[S2].txt - [333 octets] - [16/05/2013 11:14:33]
AdwCleaner[S3].txt - [1420 octets] - [16/05/2013 11:14:45]
AdwCleaner[S4].txt - [333 octets] - [18/05/2013 11:18:30]
AdwCleaner[S5].txt - [2124 octets] - [18/05/2013 11:18:42]
AdwCleaner[S6].txt - [1470 octets] - [18/05/2013 18:12:29]

########## EOF - C:\AdwCleaner[S6].txt - [1530 octets] ##########
 



#4 boopme

Posted 19 May 2013 - 12:37 PM

Yes on ESET.

You do not have an Antivirus installed, did I miss it?

 

Disable or remove Add-ons in Firefox one by one until you see which is causing the issue.

 

 

My note for next step

J2SE Runtime Environment 5.0 Update 1 (Version: 1.5.0.10)



#5 bv2011

Posted 19 May 2013 - 05:09 PM

Hi boopme - I believe the culprit is the Firefox extension "RapidFinda 1.0". I have enabled and disabled it multiple times and found that when off my browser is fine, but when on it brings up irrelevant searches as well as redirects me to that survey where the address is always the same, "rewardszoneusa". Have you heard of this before?

As far as an antivirus, presently I do not have one because this laptop has not been extensively used for a very long time. Any suggestions would be helpful.

 

Donna


#6 boopme

Posted 19 May 2013 - 06:47 PM

Ok Donna, good, keep it disabled, and yes, there are a few of these out there now.

Here's an excellent free AV. Install, update it and run the scan.

Avira Antivir

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit). 64-bit OS users, should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7/8 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u21-windows-i586.exe (or jre-7u21-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7/8 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
  • Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

    Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:
    • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
    • Click Ok and reboot your computer.

Edited by boopme, 19 May 2013 - 06:48 PM.


#7 bv2011

Posted 19 May 2013 - 08:22 PM

Hi boopme - I have successfully completed both downloads. Is there anything else I need to do?

 

Donna



#8 boopme

Posted 19 May 2013 - 08:31 PM

Looks good, now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:

  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically. Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7
  • Reboot and see how it is.


#9 bv2011

Posted 19 May 2013 - 10:19 PM

Hi boopme, I have created a new restore point, ran the disk cleanup and rebooted. All seems to be running efficiently!!

 

Donna



#10 boopme

Posted 20 May 2013 - 11:42 AM

Well then we are good to go... Have a great day!!

#11 bv2011

Posted 22 May 2013 - 12:47 PM

Ok boopme you too, thanks again!!!!

 

Until next time :whistle: lol

 

Donna



#12 boopme

Posted 22 May 2013 - 08:34 PM

LOL , Donna we'll have to stop meeting like this :hello:

