
Trojan horse Generic34.aspc


17 replies to this topic

#1 boomstick70

  • Members
  • 11 posts

Posted 17 August 2013 - 07:14 PM

Hi, my computer has a Trojan horse Generic34.aspc.  It also shows a trojan.krypt, trojan.agent, heuristic.reserved.\word.exploit and disabled.securitycenter.  I'm not sure where to start.  Would someone have the time to help me?

 

Thanks


#2 boopme

    To Insanity and Beyond

  • Global Moderator
  • 73,078 posts
  • Gender:Male
  • Location:NJ USA

Posted 17 August 2013 - 07:37 PM

Hello, I moved this to the Am I Infected forum.

What application is reporting them?

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on Change parameters and select TDLFS file system.
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 boomstick70
  • Topic Starter

  • Members
  • 11 posts

Posted 17 August 2013 - 10:46 PM

Thanks Boopme, AVG originally put up a dialog box. But nothing would show in a scan. After I updated Malwarebytes, it showed 11 viruses too. After I answered the AVG dialog box, my printer uninstalled and system restore was disabled. Here are my logs. I keep trying to run ESET. It errors out, 2002. Maybe my internet is too slow.

 

MiniToolBox

MiniToolBox by Farbar  Version: 13-07-2013
Ran by HP_Administrator (administrator) on 17-08-2013 at 19:55:57
Running from "C:\Documents and Settings\HP_Administrator\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : Kevins-Desktop

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : local.tld



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : local.tld

        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

        Physical Address. . . . . . . . . : 00-13-D4-47-E4-6D

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.140

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

        Lease Obtained. . . . . . . . . . : Saturday, August 17, 2013 6:29:38 PM

        Lease Expires . . . . . . . . . . : Sunday, August 18, 2013 6:29:38 AM

Server:  cp.local.tld
Address:  192.168.0.1

Name:    google.com
Addresses:  173.194.46.40, 173.194.46.37, 173.194.46.41, 173.194.46.34
      173.194.46.39, 173.194.46.35, 173.194.46.46, 173.194.46.36, 173.194.46.33
      173.194.46.38, 173.194.46.32



Pinging google.com [173.194.46.32] with 32 bytes of data:



Reply from 173.194.46.32: bytes=32 time=84ms TTL=50

Reply from 173.194.46.32: bytes=32 time=76ms TTL=50



Ping statistics for 173.194.46.32:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 76ms, Maximum = 84ms, Average = 80ms

Server:  cp.local.tld
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 d4 47 e4 6d ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.140      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0    192.168.0.140   192.168.0.140      20
      192.168.0.0    255.255.255.0    192.168.0.140   192.168.0.140      20
    192.168.0.140  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255    192.168.0.140   192.168.0.140      20
        224.0.0.0        240.0.0.0    192.168.0.140   192.168.0.140      20
  255.255.255.255  255.255.255.255    192.168.0.140   192.168.0.140      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/12/2013 09:57:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 108266

Error: (08/12/2013 09:57:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 108266

Error: (08/12/2013 09:57:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/12/2013 09:57:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 106094

Error: (08/12/2013 09:57:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 106094

Error: (08/12/2013 09:57:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/12/2013 09:57:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 104094

Error: (08/12/2013 09:57:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 104094

Error: (08/12/2013 09:57:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/12/2013 09:55:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4188


System errors:
=============
Error: (08/17/2013 06:31:36 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater15.4.0 service failed to start due to the following error:
%%2

Error: (08/17/2013 06:31:36 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater13.2.0 service failed to start due to the following error:
%%2

Error: (08/17/2013 06:25:31 PM) (Source: Service Control Manager) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/17/2013 04:30:17 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 3 time(s).

Error: (08/17/2013 04:27:13 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/17/2013 04:25:32 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/17/2013 04:22:53 PM) (Source: Service Control Manager) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/17/2013 04:15:47 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 3 time(s).

Error: (08/17/2013 04:13:08 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/17/2013 04:09:59 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (08/12/2013 09:57:11 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 108266

Error: (08/12/2013 09:57:11 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 108266

Error: (08/12/2013 09:57:11 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/12/2013 09:57:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 106094

Error: (08/12/2013 09:57:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 106094

Error: (08/12/2013 09:57:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/12/2013 09:57:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 104094

Error: (08/12/2013 09:57:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 104094

Error: (08/12/2013 09:57:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/12/2013 09:55:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4188


=========================== Installed Programs ============================

Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Agere Systems PCI Soft Modem
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoImpression 5
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2637)
AVG 2013 (Version: 13.0.3211)
AVG 2013 (Version: 13.0.3392)
AVG 2013 (Version: 2013.0.3392)
AVG PC Tuneup (Version: 10.0.0.27)
AVG SafeGuard toolbar (Version: 15.4.0.5)
Bing Bar (Version: 7.0.609.0)
Bonjour (Version: 3.0.0.10)
Bounce Symphony from HP Media Center (remove only)
BufferChm (Version: 45.4.157.000)
CCleaner (Version: 4.04)
CDDRV_Installer (Version: 4.60)
Copy (Version: 45.4.157.000)
CP_AtenaShokunin1Config (Version: 45.4.131.000)
cp_dwSharkTaleAlbums1 (Version: 45.4.157.000)
cp_dwSharkTaleCards1 (Version: 45.4.157.000)
cp_dwShrek2Albums1 (Version: 45.4.157.000)
cp_dwShrek2Cards1 (Version: 45.4.157.000)
CP_PLSBusinessFlyers (Version: 45.4.157.000)
CreativeProjects (Version: 45.4.157.000)
CreativeProjectsTemplates (Version: 45.4.157.000)
CueTour (Version: 45.4.157.000)
Destinations (Version: 45.4.157.000)
Director (Version: 45.4.157.000)
DocProc (Version: 4.5.0.0)
DocumentViewer (Version: 45.4.157.000)
DVDFab 6.2.1.8 (31/12/2009)
DVDFab 7.0.9.3 (08/08/2010)
DVDFab 8.0.8.5 (19/03/2011)
DVDFab 8.2.2.8 (26/02/2013) Qt
DVDFab 9.0.2.6 (06/02/2013) Qt
DVDFab Platinum 3.1.8.0
Easy Internet Sign-up (Version: FE UI-3.2.0.1491)
EPSON Print CD (Version: 1.50.000)
EPSON Printer Software
EPSON Scan
EPSON Stylus Photo RX580 Scanner Driver Update
EPSON Stylus Photo RX580 User's Guide
erLT (Version: 1.20.137.31)
exPressit S.E. 2.1
Final Drive Nitro from HP Media Center (remove only)
GemMaster Mystic
Google Chrome (Version: 28.0.1500.95)
Google Quick Search Box (Version: 1.2.1151.245)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
Help and Support Additions (Version: 3.0.5)
HP Boot Optimizer (Version: 1.0.2)
HP Help and Support 4.0 (Version: 4.00.0025)
HP Image Zone 4.8.6 (Version: 4.8.6)
HP Image Zone for Media Center PC (Version: 1.02.001)
HP Image Zone Plus 4.8.6 (Version: 4.8.6)
HP Product Assistant (Version: 2.0.0.0)
HP Software Update (Version: 3.0.2.991)
HP Tunes (Version: 2.0.0.0)
HPIZplus450 (Version: 48.2.6.0)
HpSdpAppCoreApp (Version: 3.00.0000)
HPSystemDiagnostics (Version: 1.6.0.0)
InstantShare (Version: 45.4.157.000)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4299)
Intel® PRO Network Connections Drivers
InterVideo WinDVD Player (Version: 5.0-B11.776)
iTunes (Version: 11.0.4.4)
J2SE Runtime Environment 5.0 (Version: 1.5.0)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
KBD
KhalInstallWrapper (Version: 4.60.122)
Lexibox Deluxe from HP Media Center (remove only)
Logitech SetPoint (Version: 4.60)
Logitech Updater (Version: 1.70)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Plus! Dancer LE (Version: 1.1.0.3522)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3500)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft UI Engine (Version: 4.0.0318.1)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.04.0623)
MotoCast (Version: 2.0.31)
MotoHelper 2.1.40 Driver 5.5.0 (Version: 2.1.40)
MotoHelper MergeModules (Version: 1.0.0)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Device Manager (Version: 2.2.35)
Motorola Device Software Update (Version: 1.0.41)
MOTOROLA MEDIA LINK (Version: 1.9.0002.0)
Motorola Mobile Drivers Installation 5.5.0 (Version: 5.5.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
muvee autoProducer 4.0 (Version: 4.00.050)
muvee autoProducer unPlugged - HPD (Version: 1.0.000)
Otto
Overball from HP Media Center (remove only)
PanoStandAlone (Version: 45.4.157.000)
Phoenix Assault from HP Media Center (remove only)
PhotoGallery (Version: 45.4.157.000)
Photosmart 320,370,7400,8100,8400 Series (Version: 2.0)
Polar Bowler from HP Media Center (remove only)
Polar Golfer from HP Media Center (remove only)
PrintScreen (Version: 43.1.5.000)
PS2
PSPrinters06 (Version: 1.00.0000)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3 (Version: 2.2.3)
QFolder (Version: 1.00.0000)
QuickProjects (Version: 43.1.5.000)
Reimage Repair (Version: 1.6.4.2)
Replay Converter 3 (Version: 3.60)
Replay Director (Version: 1.0)
Replay Media Catcher 3.11 (Version: 3.11)
ScannerCopy (Version: 4.5.0.0)
Shooting Stars Pool from HP Media Center (remove only)
SkinsHP1 (Version: 45.4.157.000)
Slyder from HP Media Center (remove only)
Sonic Encoders (Version: 1.00)
Sonic Express Labeler (Version: 2.0.0)
Sonic MyDVD Plus (Version: 6.1.0)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0)
Sonic Update Manager (Version: 3.0.0)
Super Granny from HP Media Center (remove only)
Tradewinds from HP Media Center (remove only)
TrayApp (Version: 45.4.157.000)
Unload (Version: 4.5.0)
Update for Windows Internet Explorer 8 (KB975364) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
Updates from HP
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 45.4.157.000)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3062.42 MB
Available physical RAM: 1789.74 MB
Total Pagefile: 4425.76 MB
Available Pagefile: 3311.62 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.73 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:226.19 GB) (Free:115.41 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:6.68 GB) (Free:0.41 GB) FAT32
3 Drive e: (HP_PAVILION ) (Fixed) (Total:465.76 GB) (Free:342.53 GB) NTFS
5 Drive g: (Epson) (CDROM) (Total:0.21 GB) (Free:0 GB) CDFS
7 Drive i: () (Removable) (Total:1.93 GB) (Free:0.8 GB) FAT32

========================= Users: ========================================

User accounts for \\KEVINS-DESKTOP

Administrator            Guest                    HelpAssistant            
HP_Administrator         SUPPORT_388945a0         SUPPORT_fddfa904         


**** End of log ****

TDSS

20:19:37.0515 0x10f0  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
20:19:38.0046 0x10f0  ============================================================
20:19:38.0046 0x10f0  Current date / time: 2013/08/17 20:19:38.0046
20:19:38.0046 0x10f0  SystemInfo:
20:19:38.0046 0x10f0  
20:19:38.0046 0x10f0  OS Version: 5.1.2600 ServicePack: 3.0
20:19:38.0046 0x10f0  Product type: Workstation
20:19:38.0062 0x10f0  ComputerName: KEVINS-DESKTOP
20:19:38.0062 0x10f0  UserName: HP_Administrator
20:19:38.0062 0x10f0  Windows directory: C:\WINDOWS
20:19:38.0062 0x10f0  System windows directory: C:\WINDOWS
20:19:38.0062 0x10f0  Processor architecture: Intel x86
20:19:38.0062 0x10f0  Number of processors: 2
20:19:38.0062 0x10f0  Page size: 0x1000
20:19:38.0062 0x10f0  Boot type: Normal boot
20:19:38.0062 0x10f0  ============================================================
20:19:38.0875 0x10f0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
20:19:38.0890 0x10f0  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
20:19:39.0015 0x10f0  Drive \Device\Harddisk6\DR9 - Size: 0x7BF80000 (1.94 Gb), SectorSize: 0x200, Cylinders: 0xFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:19:39.0046 0x10f0  ============================================================
20:19:39.0046 0x10f0  \Device\Harddisk0\DR0:
20:19:39.0046 0x10f0  MBR partitions:
20:19:39.0046 0x10f0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xD619C1
20:19:39.0046 0x10f0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xD61A00, BlocksNum 0x1C45ECC0
20:19:39.0046 0x10f0  \Device\Harddisk1\DR1:
20:19:39.0046 0x10f0  MBR partitions:
20:19:39.0046 0x10f0  \Device\Harddisk6\DR9:
20:19:39.0046 0x10f0  MBR partitions:
20:19:39.0046 0x10f0  \Device\Harddisk6\DR9\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x3DFBE0
20:19:39.0046 0x10f0  ============================================================
20:19:39.0109 0x10f0  C: <-> \Device\Harddisk0\DR0\Partition2
20:19:39.0109 0x10f0  D: <-> \Device\Harddisk0\DR0\Partition1
20:19:39.0109 0x10f0  ============================================================
20:19:39.0109 0x10f0  Initialize success
20:19:39.0109 0x10f0  ============================================================
20:19:46.0765 0x1220  ============================================================
20:19:46.0765 0x1220  Scan started
20:19:46.0765 0x1220  Mode: Manual; TDLFS;
20:19:46.0765 0x1220  ============================================================
20:19:47.0453 0x1220  ================ Scan system memory ========================
20:19:47.0453 0x1220  System memory - ok
20:19:49.0906 0x1220  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
20:19:49.0921 0x1220  CiSvc - ok
20:19:49.0937 0x1220  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
20:19:49.0937 0x1220  ClipSrv - ok
20:19:49.0953 0x1220  CmdIde - ok
20:19:49.0953 0x1220  COMSysApp - ok
20:19:49.0968 0x1220  Cpqarray - ok
20:19:50.0937 0x1220  cpuz134 - ok
20:19:51.0000 0x1220  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
20:19:51.0031 0x1220  CryptSvc - ok
20:19:51.0078 0x1220  [ 0D95DCCD7C2755FDF0BD0B416B0B142F ] CXFALCON        C:\WINDOWS\system32\drivers\cxfalcon.sys
20:19:51.0078 0x1220  CXFALCON - ok
20:19:51.0093 0x1220  dac2w2k - ok
20:19:51.0093 0x1220  dac960nt - ok
20:19:51.0156 0x1220  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:19:51.0171 0x1220  DcomLaunch - ok
20:19:51.0281 0x1220  [ 59D90B6A7FBC4CC712DD7C5868618480 ] DeviceMonitorService C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
20:19:51.0281 0x1220  DeviceMonitorService - ok
20:19:51.0437 0x1220  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
20:19:51.0437 0x1220  Dhcp - ok
20:19:51.0468 0x1220  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
20:19:51.0468 0x1220  Disk - ok
20:19:51.0484 0x1220  dmadmin - ok
20:19:51.0515 0x1220  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
20:19:51.0531 0x1220  dmboot - ok
20:19:51.0531 0x1220  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
20:19:51.0531 0x1220  dmio - ok
20:19:51.0562 0x1220  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
20:19:51.0562 0x1220  dmload - ok
20:19:51.0593 0x1220  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
20:19:51.0593 0x1220  dmserver - ok
20:19:51.0609 0x1220  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
20:19:51.0609 0x1220  DMusic - ok
20:19:51.0656 0x1220  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:19:51.0656 0x1220  Dnscache - ok
20:19:51.0703 0x1220  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:19:51.0703 0x1220  Dot3svc - ok
20:19:51.0703 0x1220  dpti2o - ok
20:19:51.0718 0x1220  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
20:19:51.0718 0x1220  drmkaud - ok
20:19:51.0765 0x1220  [ 95974E66D3DE4951D29E28E8BC0B644C ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
20:19:51.0765 0x1220  E100B - ok
20:19:51.0781 0x1220  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
20:19:51.0781 0x1220  EapHost - ok
20:19:51.0859 0x1220  [ 63F371F0248E3732A4821F86E6D0E370 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
20:19:51.0875 0x1220  ehRecvr - ok
20:19:51.0890 0x1220  [ 16910F8B482919BB6035ED053B691692 ] ehSched         C:\WINDOWS\eHome\ehSched.exe
20:19:51.0890 0x1220  ehSched - ok
20:19:51.0921 0x1220  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
20:19:51.0937 0x1220  ERSvc - ok
20:19:51.0984 0x1220  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
20:19:51.0984 0x1220  Eventlog - ok
20:19:52.0031 0x1220  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
20:19:52.0046 0x1220  EventSystem - ok
20:19:52.0062 0x1220  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
20:19:52.0062 0x1220  Fastfat - ok
20:19:52.0093 0x1220  [ 1E580770BDECE924494B368AC980749E ] fasttx2k        C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
20:19:52.0093 0x1220  fasttx2k - ok
20:19:52.0125 0x1220  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:19:52.0140 0x1220  FastUserSwitchingCompatibility - ok
20:19:52.0187 0x1220  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:19:52.0187 0x1220  Fax - ok
20:19:52.0203 0x1220  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
20:19:52.0203 0x1220  Fdc - ok
20:19:52.0234 0x1220  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
20:19:52.0234 0x1220  Fips - ok
20:19:52.0265 0x1220  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:19:52.0265 0x1220  Flpydisk - ok
20:19:52.0296 0x1220  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:19:52.0296 0x1220  FltMgr - ok
20:19:52.0343 0x1220  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:19:52.0343 0x1220  Fs_Rec - ok
20:19:52.0406 0x1220  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:19:52.0406 0x1220  Ftdisk - ok
20:19:52.0453 0x1220  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:19:52.0453 0x1220  GEARAspiWDM - ok
20:19:52.0453 0x1220  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:19:52.0453 0x1220  Gpc - ok
20:19:52.0578 0x1220  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:19:52.0578 0x1220  gupdate - ok
20:19:52.0578 0x1220  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:19:52.0593 0x1220  gupdatem - ok
20:19:52.0640 0x1220  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:19:52.0640 0x1220  gusvc - ok
20:19:52.0656 0x1220  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:19:52.0656 0x1220  HDAudBus - ok
20:19:52.0750 0x1220  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:19:52.0750 0x1220  helpsvc - ok
20:19:52.0765 0x1220  [ BB1A6FB7D35A91E599973FA74A619056 ] HidIr           C:\WINDOWS\system32\DRIVERS\hidir.sys
20:19:52.0765 0x1220  HidIr - ok
20:19:52.0781 0x1220  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
20:19:52.0781 0x1220  HidServ - ok
20:19:52.0812 0x1220  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:19:52.0812 0x1220  HidUsb - ok
20:19:52.0859 0x1220  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
20:19:52.0859 0x1220  hkmsvc - ok
20:19:52.0859 0x1220  hpn - ok
20:19:52.0906 0x1220  [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
20:19:52.0906 0x1220  HPZid412 - ok
20:19:52.0921 0x1220  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
20:19:52.0921 0x1220  HPZipr12 - ok
20:19:52.0937 0x1220  [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
20:19:52.0937 0x1220  HPZius12 - ok
20:19:52.0968 0x1220  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
20:19:52.0984 0x1220  HTTP - ok
20:19:52.0984 0x1220  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
20:19:52.0984 0x1220  HTTPFilter - ok
20:19:53.0000 0x1220  i2omgmt - ok
20:19:53.0000 0x1220  i2omp - ok
20:19:53.0046 0x1220  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:19:53.0046 0x1220  i8042prt - ok
20:19:53.0109 0x1220  [ 0294A30B302CA71A2C26E582DDA93486 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
20:19:53.0125 0x1220  ialm - ok
20:19:53.0218 0x1220  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:19:53.0218 0x1220  IDriverT - ok
20:19:53.0218 0x1220  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
20:19:53.0218 0x1220  Imapi - ok
20:19:53.0265 0x1220  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
20:19:53.0265 0x1220  ImapiService - ok
20:19:53.0281 0x1220  ini910u - ok
20:19:53.0375 0x1220  [ 44792CCBC7B41B42EC068C6416D17DE1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:19:53.0390 0x1220  IntcAzAudAddService - ok
20:19:53.0453 0x1220  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
20:19:53.0453 0x1220  IntelIde - ok
20:19:53.0484 0x1220  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:19:53.0484 0x1220  intelppm - ok
20:19:53.0515 0x1220  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
20:19:53.0515 0x1220  Ip6Fw - ok
20:19:53.0546 0x1220  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:19:53.0546 0x1220  IpFilterDriver - ok
20:19:53.0562 0x1220  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:19:53.0562 0x1220  IpInIp - ok
20:19:53.0593 0x1220  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:19:53.0593 0x1220  IpNat - ok
20:19:53.0656 0x1220  [ FE56897B27ED266F9C4E7D90A0B5DA47 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:19:53.0671 0x1220  iPod Service - ok
20:19:53.0687 0x1220  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:19:53.0687 0x1220  IPSec - ok
20:19:53.0718 0x1220  [ B43B36B382AEA10861F7C7A37F9D4AE2 ] IrBus           C:\WINDOWS\system32\DRIVERS\IrBus.sys
20:19:53.0734 0x1220  IrBus - ok
20:19:53.0750 0x1220  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
20:19:53.0750 0x1220  IRENUM - ok
20:19:53.0796 0x1220  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:19:53.0796 0x1220  isapnp - ok
20:19:53.0921 0x1220  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
20:19:53.0921 0x1220  JavaQuickStarterService - ok
20:19:53.0953 0x1220  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:19:53.0953 0x1220  Kbdclass - ok
20:19:53.0968 0x1220  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:19:53.0968 0x1220  kbdhid - ok
20:19:54.0015 0x1220  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
20:19:54.0015 0x1220  kmixer - ok
20:19:54.0046 0x1220  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
20:19:54.0046 0x1220  KSecDD - ok
20:19:54.0046 0x1220  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
20:19:54.0062 0x1220  lanmanserver - ok
20:19:54.0093 0x1220  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:19:54.0093 0x1220  lanmanworkstation - ok
20:19:54.0093 0x1220  lbrtfdc - ok
20:19:54.0203 0x1220  [ A0F7DC0080E4F97DC97DE08B699E231B ] LBTServ         C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
20:19:54.0203 0x1220  LBTServ - ok
20:19:54.0250 0x1220  [ 24E0DDB99AECCF86BB37702611761459 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
20:19:54.0250 0x1220  LHidFilt - ok
20:19:54.0296 0x1220  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
20:19:54.0296 0x1220  LmHosts - ok
20:19:54.0328 0x1220  [ D58B330D318361A66A9FE60D7C9B4951 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
20:19:54.0328 0x1220  LMouFilt - ok
20:19:54.0359 0x1220  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
20:19:54.0375 0x1220  MBAMProtector - ok
20:19:54.0421 0x1220  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:19:54.0437 0x1220  MBAMScheduler - ok
20:19:54.0484 0x1220  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:19:54.0500 0x1220  MBAMService - ok
20:19:54.0531 0x1220  [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\mbamswissarmy.sys
20:19:54.0531 0x1220  MBAMSwissArmy - ok
20:19:54.0609 0x1220  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
20:19:54.0609 0x1220  MDM - ok
20:19:54.0656 0x1220  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
20:19:54.0656 0x1220  Messenger - ok
20:19:54.0687 0x1220  [ B7521F69C0A9B29D356157229376FB21 ] MHN             C:\WINDOWS\System32\mhn.dll
20:19:54.0687 0x1220  MHN - ok
20:19:54.0703 0x1220  [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
20:19:54.0703 0x1220  MHNDRV - ok
20:19:54.0750 0x1220  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
20:19:54.0750 0x1220  mnmdd - ok
20:19:54.0781 0x1220  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
20:19:54.0781 0x1220  mnmsrvc - ok
20:19:54.0812 0x1220  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
20:19:54.0812 0x1220  Modem - ok
20:19:54.0921 0x1220  [ 11AAA0083D30F4677AD2B218EE7F5CE9 ] Motorola Device Manager C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
20:19:54.0921 0x1220  Motorola Device Manager - ok
20:19:54.0968 0x1220  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:19:54.0968 0x1220  Mouclass - ok
20:19:54.0984 0x1220  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:19:54.0984 0x1220  mouhid - ok
20:19:54.0984 0x1220  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
20:19:55.0000 0x1220  MountMgr - ok
20:19:55.0000 0x1220  mraid35x - ok
20:19:55.0015 0x1220  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:19:55.0015 0x1220  MRxDAV - ok
20:19:55.0062 0x1220  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:19:55.0078 0x1220  MRxSmb - ok
20:19:55.0125 0x1220  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
20:19:55.0125 0x1220  MSDTC - ok
20:19:55.0125 0x1220  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:19:55.0140 0x1220  Msfs - ok
20:19:55.0140 0x1220  MSIServer - ok
20:19:55.0171 0x1220  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:19:55.0187 0x1220  MSKSSRV - ok
20:19:55.0187 0x1220  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:19:55.0187 0x1220  MSPCLOCK - ok
20:19:55.0203 0x1220  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
20:19:55.0218 0x1220  MSPQM - ok
20:19:55.0234 0x1220  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:19:55.0234 0x1220  mssmbios - ok
20:19:55.0265 0x1220  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
20:19:55.0265 0x1220  MSTEE - ok
20:19:55.0296 0x1220  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
20:19:55.0296 0x1220  Mup - ok
20:19:55.0328 0x1220  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:19:55.0328 0x1220  NABTSFEC - ok
20:19:55.0359 0x1220  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
20:19:55.0375 0x1220  napagent - ok
20:19:55.0390 0x1220  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
20:19:55.0390 0x1220  NDIS - ok
20:19:55.0421 0x1220  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:19:55.0421 0x1220  NdisIP - ok
20:19:55.0468 0x1220  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:19:55.0468 0x1220  NdisTapi - ok
20:19:55.0468 0x1220  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:19:55.0468 0x1220  Ndisuio - ok
20:19:55.0484 0x1220  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:19:55.0484 0x1220  NdisWan - ok
20:19:55.0531 0x1220  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
20:19:55.0531 0x1220  NDProxy - ok
20:19:55.0546 0x1220  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
20:19:55.0546 0x1220  NetBIOS - ok
20:19:55.0562 0x1220  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:19:55.0562 0x1220  NetBT - ok
20:19:55.0609 0x1220  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
20:19:55.0625 0x1220  NetDDE - ok
20:19:55.0625 0x1220  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
20:19:55.0625 0x1220  NetDDEdsdm - ok
20:19:55.0671 0x1220  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:19:55.0671 0x1220  Netlogon - ok
20:19:55.0687 0x1220  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
20:19:55.0687 0x1220  Netman - ok
20:19:55.0703 0x1220  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:19:55.0718 0x1220  NIC1394 - ok
20:19:55.0765 0x1220  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
20:19:55.0765 0x1220  Nla - ok
20:19:55.0781 0x1220  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:19:55.0781 0x1220  Npfs - ok
20:19:55.0828 0x1220  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
20:19:55.0843 0x1220  Ntfs - ok
20:19:55.0843 0x1220  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
20:19:55.0843 0x1220  NtLmSsp - ok
20:19:55.0875 0x1220  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
20:19:55.0875 0x1220  NtmsSvc - ok
20:19:55.0921 0x1220  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:19:55.0921 0x1220  Null - ok
20:19:55.0953 0x1220  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:19:55.0953 0x1220  NwlnkFlt - ok
20:19:55.0968 0x1220  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:19:55.0968 0x1220  NwlnkFwd - ok
20:19:55.0984 0x1220  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:19:55.0984 0x1220  ohci1394 - ok
20:19:56.0000 0x1220  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
20:19:56.0015 0x1220  Parport - ok
20:19:56.0015 0x1220  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
20:19:56.0015 0x1220  PartMgr - ok
20:19:56.0046 0x1220  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
20:19:56.0046 0x1220  ParVdm - ok
20:19:56.0062 0x1220  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
20:19:56.0062 0x1220  PCI - ok
20:19:56.0062 0x1220  PCIDump - ok
20:19:56.0078 0x1220  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
20:19:56.0078 0x1220  PCIIde - ok
20:19:56.0093 0x1220  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
20:19:56.0093 0x1220  Pcmcia - ok
20:19:56.0140 0x1220  [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin        C:\WINDOWS\system32\Drivers\pcouffin.sys
20:19:56.0140 0x1220  pcouffin - ok
20:19:56.0140 0x1220  PDCOMP - ok
20:19:56.0140 0x1220  PDFRAME - ok
20:19:56.0156 0x1220  PDRELI - ok
20:19:56.0156 0x1220  PDRFRAME - ok
20:19:56.0171 0x1220  perc2 - ok
20:19:56.0171 0x1220  perc2hib - ok
20:19:56.0218 0x1220  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
20:19:56.0218 0x1220  PlugPlay - ok
20:19:56.0265 0x1220  [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
20:19:56.0265 0x1220  Pml Driver HPZ12 - ok
20:19:56.0281 0x1220  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
20:19:56.0281 0x1220  PolicyAgent - ok
20:19:56.0296 0x1220  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:19:56.0296 0x1220  PptpMiniport - ok
20:19:56.0312 0x1220  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:19:56.0312 0x1220  ProtectedStorage - ok
20:19:56.0343 0x1220  [ BFFDB363485501A38F0BCA83AEC810DB ] Ps2             C:\WINDOWS\system32\DRIVERS\PS2.sys
20:19:56.0343 0x1220  Ps2 - ok
20:19:56.0359 0x1220  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
20:19:56.0359 0x1220  PSched - ok
20:19:56.0406 0x1220  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:19:56.0406 0x1220  Ptilink - ok
20:19:56.0453 0x1220  [ 7C81AE3C9B82BA2DA437ED4D31BC56CF ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:19:56.0453 0x1220  PxHelp20 - ok
20:19:56.0453 0x1220  ql1080 - ok
20:19:56.0468 0x1220  Ql10wnt - ok
20:19:56.0468 0x1220  ql12160 - ok
20:19:56.0484 0x1220  ql1240 - ok
20:19:56.0484 0x1220  ql1280 - ok
20:19:56.0515 0x1220  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:19:56.0515 0x1220  RasAcd - ok
20:19:56.0531 0x1220  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:19:56.0531 0x1220  RasAuto - ok
20:19:56.0546 0x1220  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:19:56.0546 0x1220  Rasl2tp - ok
20:19:56.0562 0x1220  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:19:56.0578 0x1220  RasMan - ok
20:19:56.0578 0x1220  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:19:56.0578 0x1220  RasPppoe - ok
20:19:56.0625 0x1220  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
20:19:56.0625 0x1220  Raspti - ok
20:19:56.0640 0x1220  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:19:56.0640 0x1220  Rdbss - ok
20:19:56.0656 0x1220  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:19:56.0656 0x1220  RDPCDD - ok
20:19:56.0671 0x1220  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:19:56.0671 0x1220  rdpdr - ok
20:19:56.0718 0x1220  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
20:19:56.0718 0x1220  RDPWD - ok
20:19:56.0750 0x1220  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
20:19:56.0750 0x1220  RDSessMgr - ok
20:19:56.0765 0x1220  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
20:19:56.0765 0x1220  redbook - ok
20:19:56.0937 0x1220  [ 946CAC3D3ECD8949A2784FA4765FCC4D ] ReimageRealTimeProtection C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
20:19:57.0031 0x1220  ReimageRealTimeProtection - ok
20:19:57.0078 0x1220  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:19:57.0093 0x1220  RemoteAccess - ok
20:19:57.0125 0x1220  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:19:57.0125 0x1220  RemoteRegistry - ok
20:19:57.0140 0x1220  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:19:57.0140 0x1220  RpcLocator - ok
20:19:57.0156 0x1220  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:19:57.0171 0x1220  RpcSs - ok
20:19:57.0218 0x1220  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
20:19:57.0218 0x1220  RSVP - ok
20:19:57.0250 0x1220  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:19:57.0265 0x1220  rtl8139 - ok
20:19:57.0281 0x1220  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:19:57.0281 0x1220  SamSs - ok
20:19:57.0296 0x1220  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
20:19:57.0296 0x1220  SCardSvr - ok
20:19:57.0343 0x1220  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:19:57.0359 0x1220  Schedule - ok
20:19:57.0406 0x1220  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files\Microsoft\BingBar\SeaPort.EXE
20:19:57.0406 0x1220  SeaPort - ok
20:19:57.0453 0x1220  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:19:57.0453 0x1220  Secdrv - ok
20:19:57.0468 0x1220  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
20:19:57.0468 0x1220  seclogon - ok
20:19:57.0484 0x1220  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
20:19:57.0484 0x1220  SENS - ok
20:19:57.0500 0x1220  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
20:19:57.0500 0x1220  Serial - ok
20:19:57.0515 0x1220  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
20:19:57.0515 0x1220  Sfloppy - ok
20:19:57.0562 0x1220  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:19:57.0578 0x1220  SharedAccess - ok
20:19:57.0593 0x1220  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:19:57.0593 0x1220  ShellHWDetection - ok
20:19:57.0593 0x1220  Simbad - ok
20:19:57.0625 0x1220  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:19:57.0625 0x1220  SLIP - ok
20:19:57.0625 0x1220  Sparrow - ok
20:19:57.0656 0x1220  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
20:19:57.0656 0x1220  splitter - ok
20:19:57.0703 0x1220  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
20:19:57.0703 0x1220  Spooler - ok
20:19:57.0718 0x1220  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:19:57.0718 0x1220  sr - ok
20:19:57.0765 0x1220  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:19:57.0781 0x1220  srservice - ok
20:19:57.0812 0x1220  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:19:57.0812 0x1220  Srv - ok
20:19:57.0843 0x1220  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:19:57.0843 0x1220  SSDPSRV - ok
20:19:57.0859 0x1220  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
20:19:57.0875 0x1220  stisvc - ok
20:19:57.0906 0x1220  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:19:57.0906 0x1220  streamip - ok
20:20:00.0703 0x1220  ============================================================
20:20:00.0703 0x1220  Scan finished
20:20:00.0703 0x1220  ============================================================
20:20:00.0718 0x1214  Detected object count: 0
20:20:00.0718 0x1214  Actual detected object count: 0
20:20:02.0843 0x1088  Deinitialize success


ADW

# AdwCleaner v2.306 - Logfile created 08/17/2013 at 20:06:43
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : HP_Administrator - KEVINS-DESKTOP
# Boot Mode : Normal
# Running from : I:\Virus\adwcleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rh64qvj5.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************



AdwCleaner[R1].txt - [3409 octets] - [17/08/2013 15:53:47]
AdwCleaner[R2].txt - [3531 octets] - [17/08/2013 16:22:21]
AdwCleaner[R3].txt - [1388 octets] - [17/08/2013 20:06:12]
AdwCleaner[S1].txt - [17664 octets] - [12/08/2013 23:07:57]
AdwCleaner[S2].txt - [319 octets] - [17/08/2013 15:54:37]
AdwCleaner[S3].txt - [2089 octets] - [17/08/2013 16:22:45]
AdwCleaner[S4].txt - [1397 octets] - [17/08/2013 18:25:29]
AdwCleaner[S5].txt - [1319 octets] - [17/08/2013 20:06:43]

########## EOF - C:\AdwCleaner[S5].txt - [1379 octets] ##########


Eset

C:\Documents and Settings\HP_Administrator\Local Settings\Temp\ApnStub.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\BabylonMngr.xpi    Win32/bProtector.C application    deleted - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\ICReinstall_mozilla-firefox-toDownload[1].exe    a variant of Win32/InstallCore.AG application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\BExternal.dll    a variant of Win32/Toolbar.Babylon.F application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\IECookieLow.dll    a variant of Win32/Toolbar.Babylon.E application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Setup.exe    a variant of Win32/Toolbar.Babylon.H application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Latest\BExternal.dll    a variant of Win32/Toolbar.Babylon.F application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Latest\IECookieLow.dll    a variant of Win32/Toolbar.Babylon.E application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Latest\MyBabylonTB.exe    probably a variant of Win32/Toolbar.Babylon application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Latest\Setup.exe    a variant of Win32/Toolbar.Babylon.H application    cleaned by deleting - quarantined
 


Edited by boomstick70, 18 August 2013 - 06:59 AM.


#4 boomstick70

Posted 18 August 2013 - 06:41 AM

Here are the Eset results:

 

C:\Documents and Settings\HP_Administrator\Local Settings\Temp\ApnStub.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\BabylonMngr.xpi    Win32/bProtector.C application    deleted - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\ICReinstall_mozilla-firefox-toDownload[1].exe    a variant of Win32/InstallCore.AG application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\BExternal.dll    a variant of Win32/Toolbar.Babylon.F application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\IECookieLow.dll    a variant of Win32/Toolbar.Babylon.E application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Setup.exe    a variant of Win32/Toolbar.Babylon.H application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Latest\BExternal.dll    a variant of Win32/Toolbar.Babylon.F application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Latest\IECookieLow.dll    a variant of Win32/Toolbar.Babylon.E application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Latest\MyBabylonTB.exe    probably a variant of Win32/Toolbar.Babylon application    cleaned by deleting - quarantined
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\7A6D9F1D-BAB0-7891-BC6E-619FF23086DE\Latest\Setup.exe    a variant of Win32/Toolbar.Babylon.H application    cleaned by deleting - quarantined
 



#5 boopme

Posted 19 August 2013 - 08:29 AM

Ok, things should be a lot better now.

In Control Panel, uninstall these...
Adobe Reader X (10.1.7) (Version: 10.1.7)
Java 7 Update 17 (Version: 7.0.170)
Java™ 6 Update 37 (Version: 6.0.370)

Reboot.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 boomstick70

Posted 22 August 2013 - 11:12 AM

I had quite a bit of trouble uninstalling Java, but it looks like everything is OK now.



#7 boopme

Posted 22 August 2013 - 12:38 PM

OK, Now to install the latest versions go here.
Adobe reader XI
 
Java Version 7 Update 25  .. Install the Windows Offline (32-bit)
 
Note: uncheck, or look for any NO options for, installing extra toolbars etc.
 
Example:
 
Yes, install Chrome as my default browser and Google Toolbar for Internet Explorer – optional. (32.11 MB) Install Options

#8 boomstick70

Posted 23 August 2013 - 11:13 AM

Everything is installed and it looks good.  Malwarebytes keeps blocking a malicious site though.



#9 boopme

Posted 23 August 2013 - 01:02 PM

Can you post what it is blocking?

Is it the paid version of MBAM?

#10 boomstick70

Posted 23 August 2013 - 08:02 PM

Yes it is the paid Pro version.  Would I find the blocked site in the logs?

 

Thanks



#11 boopme

Posted 23 August 2013 - 09:07 PM

Open Malwarebytes Anti-Malware and once open, there will be a series of tabs, labeled in order:

Scanner | Protection | Update | Quarantine | Logs | Ignore list | Settings | More Tools | About


Click the 'Ignore list' tab. Let's see if it's there.

Also what browser are you using?

#12 boomstick70

Posted 27 August 2013 - 07:51 AM

The ignore tab is empty.  I mostly use IE, and rarely Firefox and Chrome.



#13 boopme

Posted 27 August 2013 - 07:54 PM

Does it still block it and if so can you write it down??

#14 boomstick70

Posted 29 August 2013 - 09:49 AM

No, I have not seen it come up lately.

 

Thanks



#15 boopme

Posted 29 August 2013 - 01:40 PM

I think you are good to go.