Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Comodo found win32.amonetize but cannot remove


  • Please log in to reply
15 replies to this topic

#1 hothett

hothett

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 12 August 2013 - 06:08 PM

Recently I have been getting a pop up message from Comodo firewall saying it has found win32.amonetize.exe and asks if I want to clean it. I click yes but then get the message back that not all malware could be removed. I tried to scan with Avast Antivirus and that is the extent of it. I really don't know much about scanning for 'stuff'. I am running Windows XP Home Edition.



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:30 AM

Posted 12 August 2013 - 07:47 PM

Hello and welcome hothett

Please do these and see how it is.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 hothett

hothett
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 12 August 2013 - 08:32 PM

mini tool box

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Owner (administrator) on 12-08-2013 at 21:29:11
Running from "C:\Documents and Settings\Owner\My Documents\~5 Drives"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : owner-0fe50e362

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 2:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

        Physical Address. . . . . . . . . : 00-13-20-D2-88-09

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.2

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

        Lease Obtained. . . . . . . . . . : Monday, August 12, 2013 6:13:26 PM

        Lease Expires . . . . . . . . . . : Tuesday, August 13, 2013 6:13:26 PM

Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.226.97, 74.125.226.98, 74.125.226.102, 74.125.226.101
      74.125.226.104, 74.125.226.103, 74.125.226.105, 74.125.226.96, 74.125.226.100
      74.125.226.110, 74.125.226.99



Pinging google.com [74.125.226.98] with 32 bytes of data:



Reply from 74.125.226.98: bytes=32 time=27ms TTL=56

Reply from 74.125.226.98: bytes=32 time=28ms TTL=56



Ping statistics for 74.125.226.98:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 27ms, Maximum = 28ms, Average = 27ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=59ms TTL=51

Reply from 98.138.253.109: bytes=32 time=57ms TTL=51



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 57ms, Maximum = 59ms, Average = 58ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 20 d2 88 09 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.2      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0      192.168.1.2     192.168.1.2      20
      192.168.1.0    255.255.255.0      192.168.1.2     192.168.1.2      20
      192.168.1.2  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255      192.168.1.2     192.168.1.2      20
        224.0.0.0        240.0.0.0      192.168.1.2     192.168.1.2      20
  255.255.255.255  255.255.255.255      192.168.1.2     192.168.1.2      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/11/2013 06:14:10 PM) (Source: Application Error) (User: )
Description: Faulting application acdseepro25.exe, version 2.5.333.0, faulting module ide_acdstd.apl, version 5.0.56.0, fault address 0x000dc27f.
Processing media-specific event for [acdseepro25.exe!ws!]

Error: (08/11/2013 05:06:37 PM) (Source: Application Error) (User: )
Description: Faulting application acdseepro25.exe, version 2.5.333.0, faulting module ide_acdstd.apl, version 5.0.56.0, fault address 0x000dc27f.
Processing media-specific event for [acdseepro25.exe!ws!]

Error: (08/11/2013 01:42:14 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (08/11/2013 01:42:13 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (08/11/2013 01:42:13 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (08/11/2013 01:42:13 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (08/11/2013 01:42:13 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (08/11/2013 00:21:13 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/11/2013 00:21:12 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/27/2013 05:26:19 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.


System errors:
=============
Error: (07/28/2013 04:26:44 PM) (Source: Print) (User: NT AUTHORITY)
Description: Sharing printer failed + 1722, Printer LexmarkFax share name Printer2.

Error: (07/27/2013 05:25:30 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (07/27/2013 05:25:30 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (07/27/2013 05:25:15 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (07/27/2013 05:25:15 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (07/17/2013 07:17:44 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.2 for the Network Card with network address 001320D28809 has been
denied by the DHCP server 99.239.240.33 (The DHCP Server sent a DHCPNACK message).

Error: (07/17/2013 07:08:14 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.3 for the Network Card with network address 001320D28809 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (07/17/2013 02:23:28 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.3 for the Network Card with network address 001320D28809 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (07/12/2013 11:44:06 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (07/12/2013 11:44:05 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

ABBYY FineReader 6.0 Sprint (Version: 6.00.1703.41614)
ACDSee Pro 2.5 (Version: 2.5.333)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader XI (Version: 11.0.00)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 8.0.1489.0)
AVI ReComp 1.5.0 (Version: 1.5.0)
Avidemux 2.5 (32-bit) (Version: 2.5.6.7716)
AviSynth 2.5
BitTorrent
Bonjour (Version: 3.0.0.10)
Canon MG5300 series MP Drivers
CCleaner (Version: 3.21)
CheshireCat's One Click File Joiner (Version: 1.00.0000)
Comodo Dragon (Version: 15.0)
COMODO GeekBuddy (Version: 3.3.217083.59)
COMODO Internet Security (Version: 5.9.23255.2196)
Conexant D850 56K V.9x DFVc Modem
Directory Lister v0.9.1
FitDay PC version 1.0 (Version: 1.0)
Google Chrome (Version: 28.0.1500.95)
Google Update Helper (Version: 1.3.21.153)
Image Grabber II
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4299)
Intel® PRO Network Connections Drivers
InterVideo DVDCopy 4 (Version: 4.5-B2.9)
iTunes (Version: 11.0.1.12)
Jasc Animation Shop 3 (Version: 3.05.0000)
K-Lite Codec Pack 8.1.0 (Full) (Version: 8.1.0)
Lexmark 2400 Series
Lexmark Fax Solutions
magicJack (Version: 2.0.6073.4413)
McAfee Total Protection (Version: 11.0.678)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 (Version: 2.0.50727)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft XML Parser (Version: 8.70.1104.04)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 8 (Version: 8.2.89)
neroxml (Version: 1.0.0)
QuickTime (Version: 7.72.80.56)
Real Alternative 2.0.2 (Version: 2.0.2)
SigmaTel Audio (Version: 5.10.4600.0)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.187)
SMPlayer 0.6.0rc2
Software Version Updater (Version: 1.1.3.7)
SUPER © +Recorder.2013.55 (Mar 7, 2013) version +Recorder.2013. (Version: +Recorder.2013.55)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VCRedistSetup (Version: 1.0.0)
VisiPics V1.30
VLC media player 2.0.3 (Version: 2.0.3)
VobSub 2.23 (Version: 2.23)
WallMaster (Version: 2.4a)
WebFldrs XP (Version: 9.50.7523)
Winamp (Version: 5.56 )
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
WinRAR 4.10 (32-bit) (Version: 4.10.0)
WinX Video Converter 4.5.1
Xvid 1.2.2 (Version: 1.2.2)

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 2038.07 MB
Available physical RAM: 1563.06 MB
Total Pagefile: 3930.42 MB
Available Pagefile: 3272.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.02 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:203.49 GB) NTFS
5 Drive p: (Porn MAIN) (Fixed) (Total:1863.01 GB) (Free:897.04 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-0FE50E362

Administrator            Guest                    HelpAssistant            
Owner                    SUPPORT_388945a0         


**** End of log ****
 

doing tdsskiller now



#4 hothett

hothett
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 12 August 2013 - 08:34 PM

tdsskiller log

 

21:32:59.0703 0112  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
21:33:00.0375 0112  ============================================================
21:33:00.0375 0112  Current date / time: 2013/08/12 21:33:00.0375
21:33:00.0375 0112  SystemInfo:
21:33:00.0375 0112  
21:33:00.0375 0112  OS Version: 5.1.2600 ServicePack: 3.0
21:33:00.0375 0112  Product type: Workstation
21:33:00.0375 0112  ComputerName: OWNER-0FE50E362
21:33:00.0390 0112  UserName: Owner
21:33:00.0390 0112  Windows directory: C:\WINDOWS
21:33:00.0390 0112  System windows directory: C:\WINDOWS
21:33:00.0390 0112  Processor architecture: Intel x86
21:33:00.0390 0112  Number of processors: 2
21:33:00.0390 0112  Page size: 0x1000
21:33:00.0390 0112  Boot type: Normal boot
21:33:00.0390 0112  ============================================================
21:33:02.0343 0112  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:33:02.0343 0112  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:33:02.0343 0112  ============================================================
21:33:02.0343 0112  \Device\Harddisk0\DR0:
21:33:02.0343 0112  MBR partitions:
21:33:02.0343 0112  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
21:33:02.0343 0112  \Device\Harddisk1\DR1:
21:33:02.0343 0112  MBR partitions:
21:33:02.0343 0112  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07482
21:33:02.0343 0112  ============================================================
21:33:02.0375 0112  C: <-> \Device\Harddisk0\DR0\Partition1
21:33:02.0375 0112  P: <-> \Device\Harddisk1\DR1\Partition1
21:33:02.0375 0112  ============================================================
21:33:02.0375 0112  Initialize success
21:33:02.0375 0112  ============================================================
21:33:39.0937 3244  ============================================================
21:33:39.0937 3244  Scan started
21:33:39.0937 3244  Mode: Manual; TDLFS;
21:33:39.0937 3244  ============================================================
21:33:41.0859 3244  ================ Scan system memory ========================
21:33:41.0875 3244  System memory - ok
21:33:41.0875 3244  ================ Scan services =============================
21:33:42.0125 3244  Abiosdsk - ok
21:33:42.0125 3244  abp480n5 - ok
21:33:42.0171 3244  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:33:42.0171 3244  ACPI - ok
21:33:42.0218 3244  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
21:33:42.0218 3244  ACPIEC - ok
21:33:42.0218 3244  adpu160m - ok
21:33:42.0250 3244  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
21:33:42.0265 3244  aec - ok
21:33:42.0312 3244  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
21:33:42.0312 3244  AFD - ok
21:33:42.0328 3244  Aha154x - ok
21:33:42.0328 3244  aic78u2 - ok
21:33:42.0343 3244  aic78xx - ok
21:33:42.0375 3244  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
21:33:42.0375 3244  Alerter - ok
21:33:42.0406 3244  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
21:33:42.0421 3244  ALG - ok
21:33:42.0421 3244  AliIde - ok
21:33:42.0437 3244  amsint - ok
21:33:42.0593 3244  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:33:42.0593 3244  Apple Mobile Device - ok
21:33:42.0609 3244  AppMgmt - ok
21:33:42.0609 3244  asc - ok
21:33:42.0625 3244  asc3350p - ok
21:33:42.0625 3244  asc3550 - ok
21:33:42.0750 3244  [ D33C507942299753868204CC7642FA27 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:33:42.0765 3244  aspnet_state - ok
21:33:42.0796 3244  [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk        C:\WINDOWS\system32\drivers\aswFsBlk.sys
21:33:42.0796 3244  aswFsBlk - ok
21:33:42.0828 3244  [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
21:33:42.0828 3244  aswMonFlt - ok
21:33:42.0843 3244  [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr          C:\WINDOWS\system32\drivers\AswRdr.sys
21:33:42.0843 3244  AswRdr - ok
21:33:42.0859 3244  [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
21:33:42.0859 3244  aswRvrt - ok
21:33:42.0890 3244  [ CCD565A8A72AF7D45F9A242013870926 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
21:33:42.0921 3244  aswSnx - ok
21:33:42.0953 3244  [ 937300BC7C4CDF7576BCCE44E19BBB9D ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
21:33:42.0968 3244  aswSP - ok
21:33:43.0015 3244  [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi          C:\WINDOWS\system32\drivers\aswTdi.sys
21:33:43.0015 3244  aswTdi - ok
21:33:43.0093 3244  [ 8CFAA2B965773A653F48F1207A9CB9C4 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
21:33:43.0093 3244  aswVmm - ok
21:33:43.0125 3244  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:33:43.0125 3244  AsyncMac - ok
21:33:43.0171 3244  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
21:33:43.0171 3244  atapi - ok
21:33:43.0187 3244  Atdisk - ok
21:33:43.0187 3244  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:33:43.0203 3244  Atmarpc - ok
21:33:43.0250 3244  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:33:43.0265 3244  AudioSrv - ok
21:33:43.0312 3244  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
21:33:43.0312 3244  audstub - ok
21:33:43.0421 3244  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:33:43.0437 3244  avast! Antivirus - ok
21:33:43.0484 3244  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:33:43.0484 3244  Beep - ok
21:33:43.0562 3244  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:33:43.0593 3244  BITS - ok
21:33:43.0640 3244  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:33:43.0656 3244  Bonjour Service - ok
21:33:43.0687 3244  [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser         C:\WINDOWS\System32\browser.dll
21:33:43.0687 3244  Browser - ok
21:33:43.0718 3244  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
21:33:43.0718 3244  cbidf2k - ok
21:33:43.0734 3244  cd20xrnt - ok
21:33:43.0781 3244  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
21:33:43.0781 3244  Cdaudio - ok
21:33:43.0843 3244  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:33:43.0843 3244  Cdfs - ok
21:33:43.0890 3244  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:33:43.0906 3244  Cdrom - ok
21:33:43.0953 3244  [ 1C7B1E36F3CED9E4B0B13385E627FE8B ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
21:33:43.0953 3244  cfwids - ok
21:33:43.0968 3244  Changer - ok
21:33:44.0000 3244  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
21:33:44.0000 3244  CiSvc - ok
21:33:44.0015 3244  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
21:33:44.0015 3244  ClipSrv - ok
21:33:44.0125 3244  [ BE465A17FDA2E79ED49053CBEC7E9335 ] CLPSLS          C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
21:33:44.0140 3244  CLPSLS - ok
21:33:44.0203 3244  [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:33:44.0281 3244  clr_optimization_v2.0.50727_32 - ok
21:33:44.0343 3244  [ 2A2D72271844C52F004901A60312B96A ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
21:33:44.0390 3244  cmdAgent - ok
21:33:44.0421 3244  [ 9181CC4D007ADBE21DB9A11BFECAFEF5 ] cmdGuard        C:\WINDOWS\system32\DRIVERS\cmdguard.sys
21:33:44.0437 3244  cmdGuard - ok
21:33:44.0453 3244  [ C5A9FB50E8CA7FD99F256255FEE71580 ] cmdHlp          C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
21:33:44.0453 3244  cmdHlp - ok
21:33:44.0484 3244  CmdIde - ok
21:33:44.0484 3244  COMSysApp - ok
21:33:44.0500 3244  Cpqarray - ok
21:33:44.0546 3244  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:33:44.0562 3244  CryptSvc - ok
21:33:44.0562 3244  dac2w2k - ok
21:33:44.0578 3244  dac960nt - ok
21:33:44.0640 3244  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:33:44.0718 3244  DcomLaunch - ok
21:33:44.0796 3244  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:33:44.0796 3244  Dhcp - ok
21:33:44.0843 3244  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:33:44.0859 3244  Disk - ok
21:33:44.0859 3244  dmadmin - ok
21:33:44.0906 3244  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:33:44.0937 3244  dmboot - ok
21:33:44.0968 3244  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:33:44.0968 3244  dmio - ok
21:33:45.0046 3244  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:33:45.0046 3244  dmload - ok
21:33:45.0062 3244  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:33:45.0062 3244  dmserver - ok
21:33:45.0109 3244  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:33:45.0125 3244  DMusic - ok
21:33:45.0171 3244  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:33:45.0203 3244  Dnscache - ok
21:33:45.0234 3244  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:33:45.0250 3244  Dot3svc - ok
21:33:45.0265 3244  dpti2o - ok
21:33:45.0296 3244  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:33:45.0296 3244  drmkaud - ok
21:33:45.0359 3244  [ 95974E66D3DE4951D29E28E8BC0B644C ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
21:33:45.0359 3244  E100B - ok
21:33:45.0406 3244  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:33:45.0406 3244  EapHost - ok
21:33:45.0437 3244  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
21:33:45.0453 3244  ERSvc - ok
21:33:45.0500 3244  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
21:33:45.0531 3244  Eventlog - ok
21:33:45.0578 3244  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
21:33:45.0593 3244  EventSystem - ok
21:33:45.0593 3244  EverestDriver - ok
21:33:45.0640 3244  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
21:33:45.0640 3244  Fastfat - ok
21:33:45.0703 3244  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:33:45.0750 3244  FastUserSwitchingCompatibility - ok
21:33:45.0796 3244  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
21:33:45.0796 3244  Fdc - ok
21:33:45.0812 3244  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:33:45.0812 3244  Fips - ok
21:33:45.0828 3244  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
21:33:45.0828 3244  Flpydisk - ok
21:33:45.0890 3244  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:33:45.0890 3244  FltMgr - ok
21:33:45.0906 3244  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:33:45.0906 3244  Fs_Rec - ok
21:33:45.0906 3244  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:33:45.0921 3244  Ftdisk - ok
21:33:45.0968 3244  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:33:45.0968 3244  GEARAspiWDM - ok
21:33:45.0984 3244  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:33:46.0000 3244  Gpc - ok
21:33:46.0093 3244  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:33:46.0093 3244  gupdate - ok
21:33:46.0109 3244  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:33:46.0109 3244  gupdatem - ok
21:33:46.0156 3244  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:33:46.0171 3244  HDAudBus - ok
21:33:46.0265 3244  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:33:46.0281 3244  helpsvc - ok
21:33:46.0281 3244  HidServ - ok
21:33:46.0343 3244  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:33:46.0343 3244  hidusb - ok
21:33:46.0375 3244  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:33:46.0484 3244  hkmsvc - ok
21:33:46.0500 3244  hpn - ok
21:33:46.0562 3244  [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
21:33:46.0578 3244  HSFHWBS2 - ok
21:33:46.0609 3244  [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
21:33:46.0625 3244  HSF_DP - ok
21:33:46.0687 3244  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:33:46.0687 3244  HTTP - ok
21:33:46.0750 3244  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:33:46.0765 3244  HTTPFilter - ok
21:33:46.0781 3244  i2omgmt - ok
21:33:46.0781 3244  i2omp - ok
21:33:46.0843 3244  [ 0294A30B302CA71A2C26E582DDA93486 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
21:33:46.0859 3244  ialm - ok
21:33:46.0890 3244  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
21:33:46.0890 3244  Imapi - ok
21:33:46.0953 3244  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:33:46.0968 3244  ImapiService - ok
21:33:46.0984 3244  ini910u - ok
21:33:47.0031 3244  [ E1DF634BEC066B3D4FFE437BCB78C282 ] Inspect         C:\WINDOWS\system32\DRIVERS\inspect.sys
21:33:47.0046 3244  Inspect - ok
21:33:47.0093 3244  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
21:33:47.0109 3244  IntelIde - ok
21:33:47.0171 3244  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:33:47.0187 3244  intelppm - ok
21:33:47.0203 3244  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:33:47.0203 3244  Ip6Fw - ok
21:33:47.0218 3244  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:33:47.0218 3244  IpFilterDriver - ok
21:33:47.0234 3244  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:33:47.0234 3244  IpInIp - ok
21:33:47.0250 3244  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:33:47.0250 3244  IpNat - ok
21:33:47.0343 3244  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:33:47.0343 3244  iPod Service - ok
21:33:47.0359 3244  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:33:47.0359 3244  IPSec - ok
21:33:47.0421 3244  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:33:47.0437 3244  IRENUM - ok
21:33:47.0468 3244  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:33:47.0484 3244  isapnp - ok
21:33:47.0500 3244  [ 4AC11B2250106774F694DF2DB4FFED61 ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys
21:33:47.0500 3244  Iviaspi - ok
21:33:47.0531 3244  [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8 ] iviVD           C:\WINDOWS\system32\DRIVERS\iviVD.sys
21:33:47.0531 3244  iviVD - ok
21:33:47.0531 3244  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:33:47.0531 3244  Kbdclass - ok
21:33:47.0546 3244  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:33:47.0546 3244  kbdhid - ok
21:33:47.0578 3244  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:33:47.0593 3244  kmixer - ok
21:33:47.0625 3244  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:33:47.0640 3244  KSecDD - ok
21:33:47.0687 3244  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
21:33:47.0734 3244  LanmanServer - ok
21:33:47.0781 3244  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:33:47.0812 3244  lanmanworkstation - ok
21:33:47.0812 3244  lbrtfdc - ok
21:33:47.0890 3244  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
21:33:47.0906 3244  LmHosts - ok
21:33:47.0906 3244  lxcr_device - ok
21:33:48.0031 3244  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McMPFSvc        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:33:48.0046 3244  McMPFSvc - ok
21:33:48.0046 3244  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] mcmscsvc        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:33:48.0062 3244  mcmscsvc - ok
21:33:48.0125 3244  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNaiAnn        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:33:48.0125 3244  McNaiAnn - ok
21:33:48.0140 3244  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNASvc         C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:33:48.0140 3244  McNASvc - ok
21:33:48.0281 3244  [ 135AA9E9E7047B7DC1F753205D421A26 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
21:33:48.0296 3244  McODS - ok
21:33:48.0296 3244  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McProxy         C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:33:48.0312 3244  McProxy - ok
21:33:48.0343 3244  [ 85DB8DDD2D664716BB5B2D3405F9EF92 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
21:33:48.0359 3244  McShield - ok
21:33:48.0390 3244  [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
21:33:48.0390 3244  mdmxsdk - ok
21:33:48.0421 3244  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
21:33:48.0437 3244  Messenger - ok
21:33:48.0484 3244  [ 43C31BDF404A6D7A7AC1BFD5EAD2A566 ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
21:33:48.0484 3244  mfeapfk - ok
21:33:48.0500 3244  [ C1DC5F42D3367F33B6451BE78B38BD46 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
21:33:48.0515 3244  mfeavfk - ok
21:33:48.0515 3244  mfeavfk01 - ok
21:33:48.0562 3244  [ 0435C43F4C2BE01B84868AD2A906397B ] mfebopk         C:\WINDOWS\system32\drivers\mfebopk.sys
21:33:48.0562 3244  mfebopk - ok
21:33:48.0578 3244  [ 183AB9DCE971E029C50223765671839C ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:33:48.0578 3244  mfefire - ok
21:33:48.0625 3244  [ 4EA6FF90015424517843E931448E00F1 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
21:33:48.0640 3244  mfefirek - ok
21:33:48.0671 3244  [ D1E998748BA24A731106611D535C6BBF ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
21:33:48.0687 3244  mfehidk - ok
21:33:48.0750 3244  [ 26C76D10ED650E6492800D6F081ECFBA ] mfendisk        C:\WINDOWS\system32\DRIVERS\mfendisk.sys
21:33:48.0765 3244  mfendisk - ok
21:33:48.0781 3244  [ 26C76D10ED650E6492800D6F081ECFBA ] mfendiskmp      C:\WINDOWS\system32\DRIVERS\mfendisk.sys
21:33:48.0781 3244  mfendiskmp - ok
21:33:48.0828 3244  [ F454A13377F0A006D20A8C14A753C432 ] mferkdet        C:\WINDOWS\system32\drivers\mferkdet.sys
21:33:48.0828 3244  mferkdet - ok
21:33:48.0859 3244  [ 070D3FAF2EAC417C59D8674A8752F7A6 ] mfetdi2k        C:\WINDOWS\system32\drivers\mfetdi2k.sys
21:33:48.0859 3244  mfetdi2k - ok
21:33:48.0890 3244  [ 2B8DFC60EDDDAA33EB5E9F7C91B48ACD ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
21:33:48.0906 3244  mfevtp - ok
21:33:48.0968 3244  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
21:33:48.0968 3244  mnmdd - ok
21:33:49.0031 3244  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
21:33:49.0031 3244  mnmsrvc - ok
21:33:49.0062 3244  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
21:33:49.0078 3244  Modem - ok
21:33:49.0125 3244  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
21:33:49.0125 3244  MODEMCSA - ok
21:33:49.0156 3244  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:33:49.0156 3244  Mouclass - ok
21:33:49.0187 3244  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:33:49.0187 3244  mouhid - ok
21:33:49.0218 3244  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:33:49.0234 3244  MountMgr - ok
21:33:49.0328 3244  [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:33:49.0328 3244  MozillaMaintenance - ok
21:33:49.0343 3244  mraid35x - ok
21:33:49.0359 3244  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:33:49.0375 3244  MRxDAV - ok
21:33:49.0421 3244  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:33:49.0453 3244  MRxSmb - ok
21:33:49.0468 3244  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
21:33:49.0484 3244  MSDTC - ok
21:33:49.0500 3244  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:33:49.0515 3244  Msfs - ok
21:33:49.0515 3244  MSIServer - ok
21:33:49.0546 3244  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:33:49.0562 3244  MSKSSRV - ok
21:33:49.0593 3244  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:33:49.0593 3244  MSPCLOCK - ok
21:33:49.0609 3244  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:33:49.0609 3244  MSPQM - ok
21:33:49.0640 3244  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:33:49.0640 3244  mssmbios - ok
21:33:49.0703 3244  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
21:33:49.0703 3244  Mup - ok
21:33:49.0750 3244  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:33:49.0796 3244  napagent - ok
21:33:49.0843 3244  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:33:49.0843 3244  NDIS - ok
21:33:49.0890 3244  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:33:49.0890 3244  NdisTapi - ok
21:33:49.0921 3244  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:33:49.0921 3244  Ndisuio - ok
21:33:49.0937 3244  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:33:49.0953 3244  NdisWan - ok
21:33:50.0015 3244  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:33:50.0015 3244  NDProxy - ok
21:33:50.0156 3244  [ C5052FB77AA42ED440F9F6B4E37145A9 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
21:33:50.0171 3244  Nero BackItUp Scheduler 3 - ok
21:33:50.0234 3244  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:33:50.0234 3244  NetBIOS - ok
21:33:50.0250 3244  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:33:50.0250 3244  NetBT - ok
21:33:50.0312 3244  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:33:50.0328 3244  NetDDE - ok
21:33:50.0343 3244  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:33:50.0359 3244  NetDDEdsdm - ok
21:33:50.0390 3244  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:33:50.0406 3244  Netlogon - ok
21:33:50.0453 3244  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
21:33:50.0468 3244  Netman - ok
21:33:50.0515 3244  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
21:33:50.0531 3244  Nla - ok
21:33:50.0640 3244  [ 74149BCF0307BB76D68C0F8912DF731C ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
21:33:50.0687 3244  NMIndexingService - ok
21:33:50.0734 3244  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:33:50.0750 3244  Npfs - ok
21:33:50.0796 3244  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:33:50.0812 3244  Ntfs - ok
21:33:50.0812 3244  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
21:33:50.0828 3244  NtLmSsp - ok
21:33:50.0906 3244  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
21:33:50.0937 3244  NtmsSvc - ok
21:33:50.0968 3244  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:33:50.0968 3244  Null - ok
21:33:51.0015 3244  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:33:51.0015 3244  NwlnkFlt - ok
21:33:51.0031 3244  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:33:51.0046 3244  NwlnkFwd - ok
21:33:51.0046 3244  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
21:33:51.0062 3244  Parport - ok
21:33:51.0062 3244  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
21:33:51.0078 3244  PartMgr - ok
21:33:51.0093 3244  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:33:51.0093 3244  ParVdm - ok
21:33:51.0109 3244  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
21:33:51.0109 3244  PCI - ok
21:33:51.0125 3244  PCIDump - ok
21:33:51.0140 3244  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\drivers\PCIIde.sys
21:33:51.0140 3244  PCIIde - ok
21:33:51.0156 3244  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
21:33:51.0156 3244  Pcmcia - ok
21:33:51.0171 3244  PDCOMP - ok
21:33:51.0187 3244  PDFRAME - ok
21:33:51.0203 3244  PDRELI - ok
21:33:51.0218 3244  PDRFRAME - ok
21:33:51.0218 3244  perc2 - ok
21:33:51.0234 3244  perc2hib - ok
21:33:51.0296 3244  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
21:33:51.0328 3244  PlugPlay - ok
21:33:51.0328 3244  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
21:33:51.0343 3244  PolicyAgent - ok
21:33:51.0359 3244  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:33:51.0375 3244  PptpMiniport - ok
21:33:51.0390 3244  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:33:51.0406 3244  ProtectedStorage - ok
21:33:51.0421 3244  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:33:51.0421 3244  PSched - ok
21:33:51.0437 3244  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:33:51.0453 3244  Ptilink - ok
21:33:51.0484 3244  [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:33:51.0484 3244  PxHelp20 - ok
21:33:51.0500 3244  ql1080 - ok
21:33:51.0515 3244  Ql10wnt - ok
21:33:51.0531 3244  ql12160 - ok
21:33:51.0531 3244  ql1240 - ok
21:33:51.0546 3244  ql1280 - ok
21:33:51.0562 3244  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:33:51.0562 3244  RasAcd - ok
21:33:51.0593 3244  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:33:51.0625 3244  RasAuto - ok
21:33:51.0625 3244  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:33:51.0640 3244  Rasl2tp - ok
21:33:51.0671 3244  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:33:51.0734 3244  RasMan - ok
21:33:51.0765 3244  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:33:51.0765 3244  RasPppoe - ok
21:33:51.0781 3244  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:33:51.0781 3244  Raspti - ok
21:33:51.0828 3244  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:33:51.0843 3244  Rdbss - ok
21:33:51.0843 3244  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:33:51.0875 3244  RDPCDD - ok
21:33:51.0937 3244  [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
21:33:51.0953 3244  RDPWD - ok
21:33:52.0000 3244  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
21:33:52.0046 3244  RDSessMgr - ok
21:33:52.0078 3244  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
21:33:52.0093 3244  redbook - ok
21:33:52.0125 3244  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:33:52.0156 3244  RemoteAccess - ok
21:33:52.0187 3244  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:33:52.0203 3244  RpcLocator - ok
21:33:52.0250 3244  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:33:52.0265 3244  RpcSs - ok
21:33:52.0328 3244  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
21:33:52.0343 3244  RSVP - ok
21:33:52.0390 3244  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:33:52.0390 3244  SamSs - ok
21:33:52.0437 3244  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:33:52.0468 3244  SCardSvr - ok
21:33:52.0500 3244  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:33:52.0531 3244  Schedule - ok
21:33:52.0578 3244  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:33:52.0578 3244  Secdrv - ok
21:33:52.0609 3244  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:33:52.0640 3244  seclogon - ok
21:33:52.0671 3244  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
21:33:52.0718 3244  SENS - ok
21:33:52.0765 3244  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
21:33:52.0765 3244  Serial - ok
21:33:52.0781 3244  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
21:33:52.0781 3244  Sfloppy - ok
21:33:52.0828 3244  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:33:52.0843 3244  SharedAccess - ok
21:33:52.0859 3244  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:33:52.0875 3244  ShellHWDetection - ok
21:33:52.0890 3244  Simbad - ok
21:33:52.0906 3244  Sparrow - ok
21:33:52.0968 3244  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:33:52.0968 3244  splitter - ok
21:33:53.0015 3244  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
21:33:53.0031 3244  Spooler - ok
21:33:53.0078 3244  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:33:53.0093 3244  sr - ok
21:33:53.0140 3244  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
21:33:53.0171 3244  srservice - ok
21:33:53.0218 3244  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:33:53.0234 3244  Srv - ok
21:33:53.0265 3244  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:33:53.0296 3244  SSDPSRV - ok
21:33:53.0359 3244  [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
21:33:53.0390 3244  STHDA - ok
21:33:53.0453 3244  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:33:53.0500 3244  stisvc - ok
21:33:53.0531 3244  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:33:53.0531 3244  swenum - ok
21:33:53.0546 3244  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:33:53.0546 3244  swmidi - ok
21:33:53.0562 3244  SwPrv - ok
21:33:53.0578 3244  symc810 - ok
21:33:53.0578 3244  symc8xx - ok
21:33:53.0593 3244  sym_hi - ok
21:33:53.0609 3244  sym_u3 - ok
21:33:53.0625 3244  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:33:53.0640 3244  sysaudio - ok
21:33:53.0687 3244  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
21:33:53.0734 3244  SysmonLog - ok
21:33:53.0765 3244  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:33:53.0843 3244  TapiSrv - ok
21:33:53.0890 3244  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:33:53.0921 3244  Tcpip - ok
21:33:53.0953 3244  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:33:53.0953 3244  TDPIPE - ok
21:33:53.0968 3244  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
21:33:53.0984 3244  TDTCP - ok
21:33:53.0984 3244  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:33:54.0000 3244  TermDD - ok
21:33:54.0031 3244  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
21:33:54.0062 3244  TermService - ok
21:33:54.0093 3244  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:33:54.0109 3244  Themes - ok
21:33:54.0125 3244  TosIde - ok
21:33:54.0140 3244  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:33:54.0171 3244  TrkWks - ok
21:33:54.0203 3244  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:33:54.0218 3244  Udfs - ok
21:33:54.0234 3244  ultra - ok
21:33:54.0281 3244  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
21:33:54.0343 3244  UMWdf - ok
21:33:54.0359 3244  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:33:54.0390 3244  Update - ok
21:33:54.0421 3244  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:33:54.0453 3244  upnphost - ok
21:33:54.0484 3244  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
21:33:54.0515 3244  UPS - ok
21:33:54.0578 3244  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
21:33:54.0578 3244  USBAAPL - ok
21:33:54.0609 3244  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
21:33:54.0625 3244  usbaudio - ok
21:33:54.0640 3244  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:33:54.0640 3244  usbccgp - ok
21:33:54.0656 3244  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:33:54.0656 3244  usbehci - ok
21:33:54.0671 3244  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:33:54.0687 3244  usbhub - ok
21:33:54.0734 3244  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:33:54.0734 3244  usbprint - ok
21:33:54.0781 3244  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:33:54.0796 3244  usbscan - ok
21:33:54.0812 3244  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:33:54.0828 3244  USBSTOR - ok
21:33:54.0843 3244  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:33:54.0859 3244  usbuhci - ok
21:33:54.0875 3244  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
21:33:54.0890 3244  VgaSave - ok
21:33:54.0906 3244  ViaIde - ok
21:33:55.0015 3244  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
21:33:55.0031 3244  VolSnap - ok
21:33:55.0078 3244  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
21:33:55.0140 3244  VSS - ok
21:33:55.0187 3244  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
21:33:55.0234 3244  W32Time - ok
21:33:55.0265 3244  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:33:55.0281 3244  Wanarp - ok
21:33:55.0296 3244  WDICA - ok
21:33:55.0312 3244  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:33:55.0312 3244  wdmaud - ok
21:33:55.0343 3244  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:33:55.0375 3244  WebClient - ok
21:33:55.0437 3244  [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
21:33:55.0453 3244  winachsf - ok
21:33:55.0562 3244  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:33:55.0562 3244  winmgmt - ok
21:33:55.0640 3244  [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
21:33:55.0640 3244  WmdmPmSN - ok
21:33:55.0718 3244  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:33:55.0718 3244  WmiApSrv - ok
21:33:55.0781 3244  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:33:55.0843 3244  wscsvc - ok
21:33:55.0875 3244  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:33:55.0984 3244  wuauserv - ok
21:33:56.0031 3244  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:33:56.0062 3244  WZCSVC - ok
21:33:56.0109 3244  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
21:33:56.0140 3244  xmlprov - ok
21:33:56.0156 3244  ================ Scan global ===============================
21:33:56.0187 3244  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:33:56.0234 3244  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:33:56.0281 3244  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:33:56.0328 3244  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:33:56.0343 3244  [Global] - ok
21:33:56.0343 3244  ================ Scan MBR ==================================
21:33:56.0375 3244  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:33:56.0718 3244  \Device\Harddisk0\DR0 - ok
21:33:56.0718 3244  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
21:33:56.0781 3244  \Device\Harddisk1\DR1 - ok
21:33:56.0781 3244  ================ Scan VBR ==================================
21:33:56.0781 3244  [ 5F0E6075B6C1348F47A08B8FA7F76E9B ] \Device\Harddisk0\DR0\Partition1
21:33:56.0781 3244  \Device\Harddisk0\DR0\Partition1 - ok
21:33:56.0781 3244  [ 1924C1D2C2A5848877D0B1EEB3FE2AA8 ] \Device\Harddisk1\DR1\Partition1
21:33:56.0781 3244  \Device\Harddisk1\DR1\Partition1 - ok
21:33:56.0781 3244  ============================================================
21:33:56.0781 3244  Scan finished
21:33:56.0781 3244  ============================================================
21:33:56.0796 0284  Detected object count: 0
21:33:56.0796 0284  Actual detected object count: 0
 

 

proceeding to adwcleaner



#5 hothett

hothett
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 12 August 2013 - 08:44 PM

adwcleaner txt

 

# AdwCleaner v2.306 - Logfile created 08/12/2013 at 21:37:04
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - OWNER-0FE50E362
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\My Documents\~5 Drives\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job
Folder Deleted : C:\Documents and Settings\Owner\Application Data\SwvUpdater

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0nmu6dak.default-1344031034296\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\zj5i7hx3.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2662 octets] - [12/08/2013 21:37:04]

########## EOF - C:\AdwCleaner[S1].txt - [2722 octets] ##########
 

now onto ESET scan



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:30 AM

Posted 12 August 2013 - 09:02 PM

OK, appears you are running 3 Antivirus apps....Avast, Comodo and McAfee. This will cause problem's. You can only have one active.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 hothett

hothett
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 12 August 2013 - 09:10 PM

Sounds about right... when I installed Avast I thought I turned off McAfee and thought Comodo was only firewall, or at least thought I enabled only the firewall part of it. Please direct me on what to do to remedy this. btw when you say this I looked into control panel to see what I could see and notice Windows Firewall is active as well as Comodo...

 

ESET is still running and has found at least one threat so log incoming.

 

AND big thanks for your help. You bleeping guys are always great help.

 

 

 

edit= Comodo antivirus is Defense+? Should I set that to disabled?

edit2=McAfee appears to be both firewall and antivirus.... so I am running 3 firewalls and 3 antiviruses?!? Overall suggestions?


Edited by hothett, 12 August 2013 - 09:16 PM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:30 AM

Posted 12 August 2013 - 09:16 PM

Turn off Windows if Comodo FW is running
 
Let's wait till after ESET and then
 
Go to Piriform's website, and click the big download.png button. %5BLIST%5D
  • Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version.
  • You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.
  • [/list] After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy. ==================== Once inside Speccy, it will look similar to this (with your computer's specifications, of course): speccyq.png
  • Now, at the top, click File > Publish Snapshot
  • You will see the following prompt: publish.png
  • Click Yes > then Copy to Clipboard
  • copydi.png ==================== Now, once you are back in the forum topic you are posting in, click the reply.png button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box. Congrats! You have just posted your specs! :)

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 hothett

hothett
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 12 August 2013 - 09:35 PM

ok boopme, but it is at 20% and is time for bed. Will reply tomorrow with logs.



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:30 AM

Posted 12 August 2013 - 09:43 PM

Yep, me too


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 hothett

hothett
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 13 August 2013 - 05:59 AM

ESET log

 

C:\Documents and Settings\Owner\My Documents\Downloads\Cryptload1.1.8\router\FRITZ!Box\nc.exe    Win32/RemoteAdmin.NetCat application    cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\working\computer set up\Active-Nero v.8.4.0.0 Ultra Edition\Nero8Keygen.exe    a variant of Win32/Keygen.AW application    cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\working\computer set up\Active-Nero v.8.4.0.0 Ultra Edition\setup.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\working\computer set up\BitTorrent-6.3c\BitTorrent-6.3c.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\working\computer set up\Cryptload1.1.8\router\FRITZ!Box\nc.exe    Win32/RemoteAdmin.NetCat application    cleaned by deleting - quarantined
 

 

Speccy snapshot

http://speccy.piriform.com/results/Ggei5QYkM8Q7xx1kTt7scNw



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:30 AM

Posted 13 August 2013 - 12:57 PM

Firewall
Firewall: 
Enabled
Company Name: 
McAfee
Display Name: 
McAfee Firewall
 
Antivirus
 
avast! Antivirus
Antivirus: 
Enabled
Company Name: 
AVAST Software
Product Version: 
8.0.1489.0
Virus Signature Database: 
Up to date
 
McAfee Anti-Virus and Anti-Spyware
Antivirus: 
Disabled
Company Name: 
McAfee
Virus Signature Database: 
Up to date

 

C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe

 

So it looks like you are running Avast as your AV, McAfee as the Firewall and only Comodo's Geek Buddy system. I am guessing that Geek will not remove items as the Comodo AV is not running.

 

Byt he way , appears you infrcted yourself using keygens and torrents, usually a guarantee..


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 hothett

hothett
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 13 August 2013 - 05:28 PM

What makes no sense is that McAfee, when opened says firewall on, but when I go to settings it says firewall off, with a button to turn it on. Meanwhile back at Comodo it give me firewall pop ups and shows all the signs it is turned on.

 

animated gif to show you what I am seeing...

rjkrbr.jpg

 

 

So should I be clean now? And are you sure it was the keygen/torrents that infected me? The reason I ask is I have had those for years and haven't had a problem before a couple weeks ago, and haven't used any of those things in months and months.



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:30 AM

Posted 13 August 2013 - 09:42 PM

Eset shows these infections
Nero8Keygen.exe a variant of Win32/Keygen.AW application, which VirusTotal says:
https://www.virustotal.com/en/file/09d6861a0bbb0f8ecdf16e1c93c1f47fd2bd5733560b155425d4839657468ed5/analysis/
BitTorrent-6.3c\BitTorrent-6.3c.exe multiple threats

Before we say clean. I want to run MBAM.
Please download Malwarebytes Anti-Malware mbamicontw5.gif and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions
  • for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab .
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



Did you pay for any of those AV's?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 hothett

hothett
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 15 August 2013 - 08:53 PM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.15.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: OWNER-0FE50E362 [administrator]

8/15/2013 9:32:22 PM
mbam-log-2013-08-15 (21-32-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231010
Time elapsed: 5 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Owner\Local Settings\Temp\Updater.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.

(end)
 

 

 

 

The McAfee came on the computer and the avast is the free version. Comodo is also free version but when I got it I was sure it was only to be firewall...maybe an update changed it to a multi, I don't know. I never intended to use the windows or macafee, but rather the comodo as firewall and avast as antivirus. Open to suggestions and thank you for the help so far.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users