
Slow Internet, freezing up


11 replies to this topic

#1 Shawnee2


Posted 11 September 2013 - 03:26 PM

I have recently started having issues with my Internet being extremely slow and sometimes just locking up.  Ran Malwarebytes and Spybot and both found several items that I deleted.  This did not seem to help any.  CPU seems to be running at 100%.  I am running XP on a laptop.  Also, when I try to open a link in Outlook Express it freezes up the system.

What do I need to do to fix this?  Thanks for your help.





#2 Broni


Posted 12 September 2013 - 08:26 PM

Same computer?

http://www.bleepingcomputer.com/forums/t/501368/slow-internet-or-non-responsive/




 


#3 Shawnee2


Posted 13 September 2013 - 10:59 AM

Yes, did not see the response to the first request for help.  It seemed to get a little better but has gotten much worse now.  I have attached the first two requests and will post the other two once scans are completed.  Thanks

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by JD (administrator) on 13-09-2013 at 11:45:32
Running from "C:\Documents and Settings\JD\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

There are 15433 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® PRO/Wireless 2200BG Network Connection = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)

# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Network Connect Adapter"

set address name="Network Connect Adapter" source=dhcp
set dns name="Network Connect Adapter" source=dhcp register=PRIMARY
set wins name="Network Connect Adapter" source=dhcp

popd
# End of interface IP configuration

 

Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : 078A6A7107074FC

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : carolina.rr.com

 

Ethernet adapter Wireless Network Connection:

 

        Connection-specific DNS Suffix  . : carolina.rr.com

        Description . . . . . . . . . . . : Intel® PRO/Wireless 2200BG Network Connection

        Physical Address. . . . . . . . . : 00-16-6F-82-BB-FB

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.110

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 209.18.47.61

                                            209.18.47.62

                                            192.168.1.1

        Lease Obtained. . . . . . . . . . : Friday, September 13, 2013 11:20:45 AM

        Lease Expires . . . . . . . . . . : Saturday, September 14, 2013 11:20:45 AM

 

Ethernet adapter Local Area Connection:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

        Physical Address. . . . . . . . . : 00-13-A9-2F-37-CE

 

Ethernet adapter Network Connect Adapter:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter

        Physical Address. . . . . . . . . : 00-FF-28-44-CE-86

Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  74.125.228.32, 74.125.228.33, 74.125.228.34, 74.125.228.35
   74.125.228.36, 74.125.228.37, 74.125.228.38, 74.125.228.39, 74.125.228.40
   74.125.228.41, 74.125.228.46

 

Pinging google.com [74.125.228.101] with 32 bytes of data:

 

Reply from 74.125.228.101: bytes=32 time=30ms TTL=54

Reply from 74.125.228.101: bytes=32 time=31ms TTL=54

 

Ping statistics for 74.125.228.101:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 30ms, Maximum = 31ms, Average = 30ms

Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

 

Reply from 98.139.183.24: bytes=32 time=55ms TTL=49

Reply from 98.139.183.24: bytes=32 time=169ms TTL=49

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 55ms, Maximum = 169ms, Average = 112ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 6f 82 bb fb ...... Intel® PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport
0x3 ...00 13 a9 2f 37 ce ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
0x10005 ...00 ff 28 44 ce 86 ...... Juniper Network Connect Virtual Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.110   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      169.254.0.0      255.255.0.0    192.168.1.110   192.168.1.110   20
      192.168.1.0    255.255.255.0    192.168.1.110   192.168.1.110   25
    192.168.1.110  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255    192.168.1.110   192.168.1.110   25
        224.0.0.0        240.0.0.0    192.168.1.110   192.168.1.110   25
  255.255.255.255  255.255.255.255    192.168.1.110   192.168.1.110   1
  255.255.255.255  255.255.255.255    192.168.1.110               3   1
  255.255.255.255  255.255.255.255    192.168.1.110           10005   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/12/2013 04:55:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3468

Error: (09/12/2013 04:55:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3468

Error: (09/12/2013 04:55:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/12/2013 01:04:32 PM) (Source: Application Error) (User: )
Description: Faulting application tuneuputilitiesapp32.exe, version 12.0.4000.108, faulting module tuneuputilitiesapp32.exe, version 12.0.4000.108, fault address 0x00025df2.
Processing media-specific event for [tuneuputilitiesapp32.exe!ws!]

Error: (09/12/2013 00:48:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2906391

Error: (09/12/2013 00:48:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2906391

Error: (09/12/2013 00:48:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/12/2013 00:00:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5141

Error: (09/12/2013 00:00:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5141

Error: (09/12/2013 00:00:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (09/13/2013 11:22:03 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (09/13/2013 11:22:03 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (09/13/2013 11:22:03 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service depends on the Secondary Logon service which failed to start because of the following error:
%%1058

Error: (09/13/2013 11:22:03 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (09/13/2013 11:22:03 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (09/13/2013 11:22:03 AM) (Source: Service Control Manager) (User: )
Description: The Help and Support service terminated with the following error:
%%126

Error: (09/13/2013 10:35:06 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/13/2013 10:25:49 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (09/13/2013 10:25:06 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (09/13/2013 10:24:23 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Microsoft Office Sessions:
=========================
Error: (09/12/2013 04:55:25 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3468

Error: (09/12/2013 04:55:25 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3468

Error: (09/12/2013 04:55:25 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/12/2013 01:04:32 PM) (Source: Application Error)(User: )
Description: tuneuputilitiesapp32.exe12.0.4000.108tuneuputilitiesapp32.exe12.0.4000.10800025df2

Error: (09/12/2013 00:48:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2906391

Error: (09/12/2013 00:48:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2906391

Error: (09/12/2013 00:48:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/12/2013 00:00:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5141

Error: (09/12/2013 00:00:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5141

Error: (09/12/2013 00:00:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

=========================== Installed Programs ============================

Adobe Acrobat XI Pro (Version: 11.0.03)
Adobe AIR (Version: 3.8.0.870)
Adobe Download Assistant (Version: 1.2.6)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Photoshop Elements 11 (Version: 11.0)
Adobe Premiere Elements 11 (Version: 11.0)
Adobe Reader X (10.1.7) (Version: 10.1.7)
ALDLView v0.0-1
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3222)
AVG 2013 (Version: 13.0.3408)
AVG 2013 (Version: 2013.0.3408)
AVG PC TuneUp (Version: 12.0.4000.108)
AVG PC TuneUp Language Pack (en-US) (Version: 12.0.4000.108)
AVG Security Toolbar (Version: 15.5.0.2)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.05)
Click to DVD 2.0.03 Menu Data (Version: 2.0.03)
Click to DVD 2.5.20 (Version: 2.5.20)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Cricut ™ Driver v2.01 (Version: 2.01)
Cricut Craft Room® (Version: 1.0.179)
Cricut Craft Room® (Version: v1.0 build-179)
DVgate Plus
Elements 11 Organizer (Version: 11.0)
Google Update Helper (Version: 1.3.21.135)
GPL Ghostscript 8.71
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HP Deskjet 3050A J611 series Basic Device Software (Version: 28.0.1315.0)
HP Deskjet 3050A J611 series Help (Version: 140.0.2.2)
HP Deskjet 3050A J611 series Product Improvement Study (Version: 28.0.1315.0)
HP Update (Version: 5.003.003.001)
HPDiagnosticCoreDll (Version: 1.0.3.0)
Image Converter 2 Plus (Version: 2.2.04)
Intel® Graphics Media Accelerator Driver for Mobile (Version: 6.14.10.4363)
Intel® PRO Network Connections Drivers
Intel® PROSet/Wireless Software
InterVideo WinDVD for VAIO (Version: 5.0-B11.739)
ISScript (Version: 3.00.185)
iTunes (Version: 11.0.2.26)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Juniper Networks Network Connect 7.1.0 (Version: 7.1.0.18193)
Juniper Networks, Inc. Setup Client (Version: 7.1.2.10059)
LAN-Express AS IEEE 802.11 Wireless LAN
Macromedia Flash Player 8 (Version: 8.0.22.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
mCore (Version: 1.40.0000)
mDriver (Version: 1.40.0000)
Memory Stick Formatter
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Data Access Components KB870669
Microsoft Download Manager (Version: 1.2.1)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft SQL Server Desktop Engine (VAIO_VEDB) (Version: 8.00.761)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mMHouse (Version: 1.40.0000)
mPfMgr (Version: 1.40.0000)
mProSafe (Version: 9.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.00.3883.8)
mWlsSafe (Version: 9.00.0000)
mXML (Version: 1.40.0000)
Office 2003 Trial Assistant (Version: 1.0.0)
OpenMG Secure Module 4.4.00 (Version: 4.4.00.11241)
PRE11 STI Installer (Version: 11.0)
PSE11 STI Installer (Version: 11.0)
Realtek High Definition Audio Driver (Version: 1.92)
Recuva (Version: 1.42)
Roxio DigitalMedia Audio (Version: 2.0.4)
Roxio DigitalMedia Copy (Version: 2.0.4)
Roxio DigitalMedia Data (Version: 2.0.4)
Setting Utility Series
Sony Certificate PCH
Sony MP4 Shared Library (Version: 2.0)
Sony Utilities DLL
Spybot - Search & Destroy (Version: 2.1.20)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
VAIO Breeze Wallpaper
VAIO Central (Version: 1.1.02.071205)
VAIO Entertainment Platform (Version: 1.3.30.11290)
VAIO Event Service (Version: 2.2.00.06130)
VAIO Light Flo Wallpaper
VAIO Media 5.0 (Version: 5.0.10)
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 5.0
VAIO Media Redistribution 5.0 (Version: 5.0.10)
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
VAIO Power Management (Version: 1.7.01.10190)
VAIO Registration (Version: 16.1.0)
VAIO Security Center (Version: 2.01.0222)
VAIO Support Central (Version: 1.1.0.051121)
VAIO Update 2
VAIO Wireless LAN Setup Utility
VAIOSurveySA (Version: 4.02)
WebFldrs XP (Version: 9.50.7523)
WinALDL
Windows Backup Utility (Version: 5.1)
Windows Media Format 11 runtime
Windows Media Player 11

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 1014.42 MB
Available physical RAM: 497.55 MB
Total Pagefile: 2441.27 MB
Available Pagefile: 1575.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.39 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:68.52 GB) (Free:47.23 GB) NTFS

========================= Users: ========================================

User accounts for \\078A6A7107074FC

Administrator            ASPNET                   Guest                   
HelpAssistant            JD                       SUPPORT_388945a0        

**** End of log ****

 

 

11:53:36.0500 0x10bc  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
11:53:37.0921 0x10bc  ============================================================
11:53:37.0921 0x10bc  Current date / time: 2013/09/13 11:53:37.0921
11:53:37.0921 0x10bc  SystemInfo:
11:53:37.0921 0x10bc 
11:53:37.0921 0x10bc  OS Version: 5.1.2600 ServicePack: 3.0
11:53:37.0921 0x10bc  Product type: Workstation
11:53:37.0921 0x10bc  ComputerName: 078A6A7107074FC
11:53:37.0921 0x10bc  UserName: JD
11:53:37.0921 0x10bc  Windows directory: C:\WINDOWS
11:53:37.0921 0x10bc  System windows directory: C:\WINDOWS
11:53:37.0921 0x10bc  Processor architecture: Intel x86
11:53:37.0921 0x10bc  Number of processors: 1
11:53:37.0921 0x10bc  Page size: 0x1000
11:53:37.0921 0x10bc  Boot type: Normal boot
11:53:37.0921 0x10bc  ============================================================
11:53:40.0421 0x10bc  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:53:40.0453 0x10bc  ============================================================
11:53:40.0453 0x10bc  \Device\Harddisk0\DR0:
11:53:40.0515 0x10bc  MBR partitions:
11:53:40.0515 0x10bc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC02F10, BlocksNum 0x890B5B1
11:53:40.0515 0x10bc  ============================================================
11:53:40.0625 0x10bc  C: <-> \Device\Harddisk0\DR0\Partition1
11:53:40.0625 0x10bc  ============================================================
11:53:40.0625 0x10bc  Initialize success
11:53:40.0625 0x10bc  ============================================================
11:54:11.0281 0x112c  ============================================================
11:54:11.0281 0x112c  Scan started
11:54:11.0281 0x112c  Mode: Manual; TDLFS;
11:54:11.0281 0x112c  ============================================================
11:54:13.0015 0x112c  ================ Scan system memory ========================
11:54:13.0015 0x112c  System memory - ok
11:54:13.0015 0x112c  ================ Scan services =============================
11:54:17.0031 0x112c  dsNcAdpt - ok
11:54:17.0093 0x112c  [ 586855D6FD2BD978723B502306D6EC78 ] dsNcService     C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
11:54:17.0140 0x112c  dsNcService - ok
11:54:17.0203 0x112c  [ 95974E66D3DE4951D29E28E8BC0B644C ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
11:54:17.0203 0x112c  E100B - ok
11:54:17.0250 0x112c  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
11:54:17.0250 0x112c  EapHost - ok
11:54:17.0296 0x112c  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
11:54:17.0296 0x112c  ERSvc - ok
11:54:17.0343 0x112c  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
11:54:17.0343 0x112c  Eventlog - ok
11:54:17.0406 0x112c  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
11:54:17.0406 0x112c  EventSystem - ok
11:54:17.0468 0x112c  [ 4A2A65B466EF6B4D999AD3CE2BEF827D ] EvtEng          C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
11:54:17.0468 0x112c  EvtEng - ok
11:54:17.0515 0x112c  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
11:54:17.0515 0x112c  Fastfat - ok
11:54:17.0578 0x112c  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:54:17.0578 0x112c  FastUserSwitchingCompatibility - ok
11:54:17.0593 0x112c  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
11:54:17.0593 0x112c  Fdc - ok
11:54:17.0656 0x112c  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
11:54:17.0656 0x112c  Fips - ok
11:54:17.0671 0x112c  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
11:54:17.0671 0x112c  Flpydisk - ok
11:54:17.0703 0x112c  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
11:54:17.0703 0x112c  FltMgr - ok
11:54:17.0750 0x112c  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:54:17.0750 0x112c  FontCache3.0.0.0 - ok
11:54:17.0781 0x112c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:54:17.0781 0x112c  Fs_Rec - ok
11:54:17.0796 0x112c  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:54:17.0812 0x112c  Ftdisk - ok
11:54:17.0859 0x112c  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:54:17.0859 0x112c  GEARAspiWDM - ok
11:54:17.0875 0x112c  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:54:17.0875 0x112c  Gpc - ok
11:54:18.0000 0x112c  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
11:54:18.0000 0x112c  gupdate - ok
11:54:18.0015 0x112c  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
11:54:18.0015 0x112c  gupdatem - ok
11:54:18.0046 0x112c  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:54:18.0046 0x112c  HDAudBus - ok
11:54:18.0093 0x112c  helpsvc - ok
11:54:18.0109 0x112c  HidServ - ok
11:54:18.0156 0x112c  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:54:18.0156 0x112c  HidUsb - ok
11:54:18.0187 0x112c  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
11:54:18.0203 0x112c  hkmsvc - ok
11:54:18.0203 0x112c  hpn - ok
11:54:18.0265 0x112c  [ ACC46DDA7FECE95A253AE88CEA172E12 ] HSFHWAZL        C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
11:54:18.0265 0x112c  HSFHWAZL - ok
11:54:18.0296 0x112c  [ C9F4E7DA78A02623ABF78A4A34CE79B1 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
11:54:18.0359 0x112c  HSF_DPV - ok
11:54:18.0421 0x112c  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
11:54:18.0421 0x112c  HTTP - ok
11:54:18.0453 0x112c  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
11:54:18.0453 0x112c  HTTPFilter - ok
11:54:18.0468 0x112c  i2omgmt - ok
11:54:18.0484 0x112c  i2omp - ok
11:54:18.0515 0x112c  [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:54:18.0531 0x112c  i8042prt - ok
11:54:18.0625 0x112c  [ 240D0F5D7CAAFD87BD8D801A97BBE041 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:54:18.0687 0x112c  ialm - ok
11:54:18.0765 0x112c  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
11:54:18.0765 0x112c  IDriverT - ok
11:54:18.0843 0x112c  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:54:18.0890 0x112c  idsvc - ok
11:54:19.0015 0x112c  [ A16DEDF58C40D8236578F0FBB520EA6D ] Image Converter video recording monitor for VAIO Entertainment C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
11:54:19.0015 0x112c  Image Converter video recording monitor for VAIO Entertainment - ok
11:54:19.0031 0x112c  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
11:54:19.0031 0x112c  Imapi - ok
11:54:19.0078 0x112c  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
11:54:19.0078 0x112c  ImapiService - ok
11:54:19.0093 0x112c  ini910u - ok
11:54:19.0296 0x112c  [ 5F2657F8781376892035976CF8122A2D ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:54:19.0453 0x112c  IntcAzAudAddService - ok
11:54:19.0468 0x112c  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
11:54:19.0468 0x112c  IntelIde - ok
11:54:19.0515 0x112c  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:54:19.0515 0x112c  intelppm - ok
11:54:19.0546 0x112c  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
11:54:19.0562 0x112c  Ip6Fw - ok
11:54:19.0593 0x112c  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:54:19.0593 0x112c  IpFilterDriver - ok
11:54:19.0625 0x112c  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:54:19.0625 0x112c  IpInIp - ok
11:54:19.0671 0x112c  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:54:19.0671 0x112c  IpNat - ok
11:54:19.0734 0x112c  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:54:19.0765 0x112c  iPod Service - ok
11:54:19.0796 0x112c  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:54:19.0796 0x112c  IPSec - ok
11:54:19.0843 0x112c  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
11:54:19.0843 0x112c  IRENUM - ok
11:54:19.0859 0x112c  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:54:19.0859 0x112c  isapnp - ok
11:54:20.0015 0x112c  [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
11:54:20.0015 0x112c  JavaQuickStarterService - ok
11:54:20.0046 0x112c  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:54:20.0046 0x112c  Kbdclass - ok
11:54:20.0078 0x112c  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
11:54:20.0078 0x112c  kmixer - ok
11:54:20.0125 0x112c  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
11:54:20.0125 0x112c  KSecDD - ok
11:54:20.0171 0x112c  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
11:54:20.0187 0x112c  lanmanserver - ok
11:54:20.0234 0x112c  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:54:20.0234 0x112c  lanmanworkstation - ok
11:54:20.0250 0x112c  lbrtfdc - ok
11:54:20.0328 0x112c  [ 3D769924A07C00F5BB4B890F3934CD1E ] LEX_AS_NIC_SERVICE_YNOS C:\WINDOWS\system32\DRIVERS\ExpasAG.sys
11:54:20.0328 0x112c  LEX_AS_NIC_SERVICE_YNOS - ok
11:54:20.0390 0x112c  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
11:54:20.0390 0x112c  LmHosts - ok
11:54:20.0421 0x112c  [ E246A32C445056996074A397DA56E815 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
11:54:20.0437 0x112c  mdmxsdk - ok
11:54:20.0468 0x112c  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
11:54:20.0468 0x112c  Messenger - ok
11:54:20.0500 0x112c  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
11:54:20.0500 0x112c  mnmdd - ok
11:54:20.0546 0x112c  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
11:54:20.0546 0x112c  mnmsrvc - ok
11:54:20.0593 0x112c  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
11:54:20.0593 0x112c  Modem - ok
11:54:20.0640 0x112c  [ 34E1F0031153E491910E12551400192C ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:54:20.0640 0x112c  Mouclass - ok
11:54:20.0671 0x112c  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:54:20.0671 0x112c  mouhid - ok
11:54:20.0718 0x112c  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
11:54:20.0718 0x112c  MountMgr - ok
11:54:20.0734 0x112c  mraid35x - ok
11:54:20.0765 0x112c  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:54:20.0765 0x112c  MRxDAV - ok
11:54:20.0843 0x112c  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:54:20.0859 0x112c  MRxSmb - ok
11:54:20.0953 0x112c  [ B490BD0678CB6A4890A86020ED106C75 ] MSCSPTISRV      C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
11:54:20.0953 0x112c  MSCSPTISRV - ok
11:54:20.0968 0x112c  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
11:54:20.0984 0x112c  MSDTC - ok
11:54:21.0031 0x112c  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
11:54:21.0031 0x112c  Msfs - ok
11:54:21.0046 0x112c  MSIServer - ok
11:54:21.0078 0x112c  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:54:21.0078 0x112c  MSKSSRV - ok
11:54:21.0078 0x112c  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:54:21.0078 0x112c  MSPCLOCK - ok
11:54:21.0109 0x112c  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
11:54:21.0109 0x112c  MSPQM - ok
11:54:21.0140 0x112c  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:54:21.0156 0x112c  mssmbios - ok
11:54:21.0187 0x112c  MSSQL$VAIO_VEDB - ok
11:54:21.0234 0x112c  [ CB7524C21727404BD3140DCA32DEB7DE ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
11:54:21.0234 0x112c  MSSQLServerADHelper - ok
11:54:21.0265 0x112c  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
11:54:21.0265 0x112c  Mup - ok
11:54:21.0312 0x112c  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
11:54:21.0328 0x112c  napagent - ok
11:54:21.0328 0x112c  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
11:54:21.0343 0x112c  NDIS - ok
11:54:21.0375 0x112c  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:54:21.0390 0x112c  NdisTapi - ok
11:54:21.0437 0x112c  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:54:21.0437 0x112c  Ndisuio - ok
11:54:21.0453 0x112c  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:54:21.0453 0x112c  NdisWan - ok
11:54:21.0468 0x112c  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
11:54:21.0468 0x112c  NDProxy - ok
11:54:21.0484 0x112c  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
11:54:21.0484 0x112c  NetBIOS - ok
11:54:21.0515 0x112c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
11:54:21.0515 0x112c  NetBT - ok
11:54:21.0578 0x112c  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
11:54:21.0578 0x112c  NetDDE - ok
11:54:21.0593 0x112c  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
11:54:21.0593 0x112c  NetDDEdsdm - ok
11:54:21.0640 0x112c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
11:54:21.0640 0x112c  Netlogon - ok
11:54:21.0671 0x112c  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
11:54:21.0671 0x112c  Netman - ok
11:54:21.0718 0x112c  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:54:21.0718 0x112c  NetTcpPortSharing - ok
11:54:21.0765 0x112c  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:54:21.0765 0x112c  NIC1394 - ok
11:54:21.0796 0x112c  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
11:54:21.0812 0x112c  Nla - ok
11:54:21.0843 0x112c  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
11:54:21.0843 0x112c  Npfs - ok
11:54:21.0890 0x112c  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
11:54:21.0906 0x112c  Ntfs - ok
11:54:21.0921 0x112c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
11:54:21.0921 0x112c  NtLmSsp - ok
11:54:21.0984 0x112c  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
11:54:22.0000 0x112c  NtmsSvc - ok
11:54:22.0046 0x112c  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
11:54:22.0046 0x112c  Null - ok
11:54:22.0093 0x112c  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:54:22.0093 0x112c  NwlnkFlt - ok
11:54:22.0093 0x112c  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:54:22.0109 0x112c  NwlnkFwd - ok
11:54:22.0109 0x112c  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:54:22.0109 0x112c  ohci1394 - ok
11:54:22.0203 0x112c  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:54:22.0203 0x112c  ose - ok
11:54:22.0250 0x112c  [ DCACC2FC7DC0A3D7A60BEB81FA233822 ] PACSPTISVR      C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
11:54:22.0265 0x112c  PACSPTISVR - ok
11:54:22.0296 0x112c  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
11:54:22.0296 0x112c  Parport - ok
11:54:22.0312 0x112c  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
11:54:22.0312 0x112c  PartMgr - ok
11:54:22.0343 0x112c  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
11:54:22.0359 0x112c  ParVdm - ok
11:54:22.0406 0x112c  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
11:54:22.0406 0x112c  PCI - ok
11:54:22.0421 0x112c  PCIDump - ok
11:54:22.0453 0x112c  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
11:54:22.0453 0x112c  PCIIde - ok
11:54:22.0468 0x112c  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:54:22.0468 0x112c  Pcmcia - ok
11:54:22.0468 0x112c  PDCOMP - ok
11:54:22.0484 0x112c  PDFRAME - ok
11:54:22.0500 0x112c  PDRELI - ok
11:54:22.0500 0x112c  PDRFRAME - ok
11:54:22.0515 0x112c  perc2 - ok
11:54:22.0515 0x112c  perc2hib - ok
11:54:22.0578 0x112c  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
11:54:22.0578 0x112c  PlugPlay - ok
11:54:22.0609 0x112c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
11:54:22.0609 0x112c  PolicyAgent - ok
11:54:22.0640 0x112c  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:54:22.0640 0x112c  PptpMiniport - ok
11:54:22.0656 0x112c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:54:22.0656 0x112c  ProtectedStorage - ok
11:54:22.0656 0x112c  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
11:54:22.0656 0x112c  PSched - ok
11:54:22.0687 0x112c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:54:22.0687 0x112c  Ptilink - ok
11:54:22.0718 0x112c  [ B6A1692FC131F1FE5162513D78A9B6FC ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:54:22.0734 0x112c  PxHelp20 - ok
11:54:22.0734 0x112c  ql1080 - ok
11:54:22.0750 0x112c  Ql10wnt - ok
11:54:22.0750 0x112c  ql12160 - ok
11:54:22.0765 0x112c  ql1240 - ok
11:54:22.0781 0x112c  ql1280 - ok
11:54:22.0828 0x112c  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:54:22.0828 0x112c  RasAcd - ok
11:54:22.0859 0x112c  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
11:54:22.0875 0x112c  RasAuto - ok
11:54:22.0906 0x112c  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:54:22.0906 0x112c  Rasl2tp - ok
11:54:22.0953 0x112c  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
11:54:22.0968 0x112c  RasMan - ok
11:54:22.0984 0x112c  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:54:22.0984 0x112c  RasPppoe - ok
11:54:22.0984 0x112c  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
11:54:23.0000 0x112c  Raspti - ok
11:54:23.0031 0x112c  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:54:23.0046 0x112c  Rdbss - ok
11:54:23.0062 0x112c  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:54:23.0078 0x112c  RDPCDD - ok
11:54:23.0125 0x112c  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
11:54:23.0140 0x112c  RDPWD - ok
11:54:23.0187 0x112c  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
11:54:23.0187 0x112c  RDSessMgr - ok
11:54:23.0234 0x112c  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
11:54:23.0234 0x112c  redbook - ok
11:54:23.0296 0x112c  [ 2D14ED3EF8A7506174936D865528EDC7 ] RegSrvc         C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
11:54:23.0296 0x112c  RegSrvc - ok
11:54:23.0343 0x112c  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:54:23.0359 0x112c  RemoteAccess - ok
11:54:23.0390 0x112c  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:54:23.0390 0x112c  RpcLocator - ok
11:54:23.0437 0x112c  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
11:54:23.0453 0x112c  RpcSs - ok
11:54:23.0500 0x112c  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
11:54:23.0500 0x112c  RSVP - ok
11:54:23.0546 0x112c  [ 1C0284983B44E2714BCEDDF84E1845E9 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
11:54:23.0562 0x112c  S24EventMonitor - ok
11:54:23.0578 0x112c  [ 123F270A7F89C1A826FF8A1AE7DC41E5 ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys
11:54:23.0578 0x112c  s24trans - ok
11:54:23.0609 0x112c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
11:54:23.0609 0x112c  SamSs - ok
11:54:23.0671 0x112c  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
11:54:23.0671 0x112c  SCardSvr - ok
11:54:23.0718 0x112c  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:54:23.0734 0x112c  Schedule - ok
11:54:23.0890 0x112c  [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
11:54:24.0000 0x112c  SDScannerService - ok
11:54:24.0062 0x112c  [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
11:54:24.0109 0x112c  SDUpdateService - ok
11:54:24.0140 0x112c  [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
11:54:24.0156 0x112c  SDWSCService - ok
11:54:24.0203 0x112c  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:54:24.0203 0x112c  Secdrv - ok
11:54:24.0218 0x112c  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
11:54:24.0234 0x112c  seclogon - ok
11:54:24.0281 0x112c  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\System32\sens.dll
11:54:24.0281 0x112c  SENS - ok
11:54:24.0312 0x112c  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
11:54:24.0312 0x112c  Serial - ok
11:54:24.0359 0x112c  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\DRIVERS\sfloppy.sys
11:54:24.0359 0x112c  Sfloppy - ok
11:54:24.0421 0x112c  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:54:24.0437 0x112c  SharedAccess - ok
11:54:24.0484 0x112c  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:54:24.0484 0x112c  ShellHWDetection - ok
11:54:24.0500 0x112c  Simbad - ok
11:54:24.0546 0x112c  [ BE6038E0A7D2E2FE69107E41A0265831 ] SNC             C:\WINDOWS\system32\Drivers\SonyNC.sys
11:54:24.0562 0x112c  SNC - ok
11:54:24.0562 0x112c  Sparrow - ok
11:54:24.0593 0x112c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
11:54:24.0593 0x112c  splitter - ok
11:54:24.0640 0x112c  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
11:54:24.0656 0x112c  Spooler - ok
11:54:24.0703 0x112c  [ 1B7447278005E38E464B34A7E841D628 ] SPTISRV         C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
11:54:24.0703 0x112c  SPTISRV - ok
11:54:24.0718 0x112c  SQLAgent$VAIO_VEDB - ok
11:54:24.0750 0x112c  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
11:54:24.0765 0x112c  sr - ok
11:54:24.0812 0x112c  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
11:54:24.0812 0x112c  srservice - ok
11:54:24.0875 0x112c  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
11:54:24.0890 0x112c  Srv - ok
11:54:24.0921 0x112c  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
11:54:24.0921 0x112c  SSDPSRV - ok
11:54:24.0984 0x112c  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
11:54:24.0984 0x112c  stisvc - ok
11:54:25.0031 0x112c  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
11:54:25.0031 0x112c  swenum - ok
11:54:25.0062 0x112c  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
11:54:25.0062 0x112c  swmidi - ok
11:54:25.0078 0x112c  SwPrv - ok
11:54:25.0093 0x112c  symc810 - ok
11:54:25.0109 0x112c  symc8xx - ok
11:54:25.0109 0x112c  sym_hi - ok
11:54:25.0125 0x112c  sym_u3 - ok
11:54:25.0156 0x112c  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
11:54:25.0171 0x112c  sysaudio - ok
11:54:25.0187 0x112c  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
11:54:25.0203 0x112c  SysmonLog - ok
11:54:25.0234 0x112c  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
11:54:25.0250 0x112c  TapiSrv - ok
11:54:25.0296 0x112c  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:54:25.0312 0x112c  Tcpip - ok
11:54:25.0343 0x112c  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
11:54:25.0343 0x112c  TDPIPE - ok
11:54:25.0359 0x112c  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
11:54:25.0359 0x112c  TDTCP - ok
11:54:25.0375 0x112c  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
11:54:25.0375 0x112c  TermDD - ok
11:54:25.0437 0x112c  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
11:54:25.0437 0x112c  TermService - ok
11:54:25.0484 0x112c  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
11:54:25.0484 0x112c  Themes - ok
11:54:25.0546 0x112c  [ 72AAA3343AF62E02AE37001EEA5C9A0E ] tifmsony        C:\WINDOWS\system32\drivers\tifmsony.sys
11:54:25.0546 0x112c  tifmsony - ok
11:54:25.0562 0x112c  TosIde - ok
11:54:25.0593 0x112c  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
11:54:25.0609 0x112c  TrkWks - ok
11:54:25.0765 0x112c  [ 9DF6AD6FC51A802808621CBFB2A88453 ] TuneUp.UtilitiesSvc C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
11:54:25.0859 0x112c  TuneUp.UtilitiesSvc - ok
11:54:25.0890 0x112c  [ 94C4CD2D19B8C4137A46261F229FEC24 ] TuneUpUtilitiesDrv C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
11:54:25.0906 0x112c  TuneUpUtilitiesDrv - ok
11:54:25.0937 0x112c  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
11:54:25.0953 0x112c  Udfs - ok
11:54:25.0984 0x112c  ultra - ok
11:54:26.0062 0x112c  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
11:54:26.0093 0x112c  Update - ok
11:54:26.0140 0x112c  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
11:54:26.0140 0x112c  upnphost - ok
11:54:26.0187 0x112c  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
11:54:26.0187 0x112c  UPS - ok
11:54:26.0234 0x112c  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
11:54:26.0234 0x112c  USBAAPL - ok
11:54:26.0265 0x112c  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:54:26.0265 0x112c  usbccgp - ok
11:54:26.0296 0x112c  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:54:26.0296 0x112c  usbehci - ok
11:54:26.0343 0x112c  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:54:26.0359 0x112c  usbhub - ok
11:54:26.0390 0x112c  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:54:26.0390 0x112c  usbprint - ok
11:54:26.0390 0x112c  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:54:26.0390 0x112c  usbscan - ok
11:54:26.0453 0x112c  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:54:26.0453 0x112c  usbstor - ok
11:54:26.0500 0x112c  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:54:26.0500 0x112c  usbuhci - ok
11:54:26.0578 0x112c  [ FB1A8F8CBD361FC1F0D144D5018C97F3 ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
11:54:26.0578 0x112c  VAIO Entertainment TV Device Arbitration Service - ok
11:54:26.0609 0x112c  [ 2B0EAC2B6E5F1C5E007DABAE101028B0 ] VAIO Event Service C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
11:54:26.0625 0x112c  VAIO Event Service - ok
11:54:26.0765 0x112c  [ 8A851EE335A459440B69A44C1CD50BDB ] VAIOMediaPlatform-IntegratedServer-AppServer C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
11:54:26.0890 0x112c  VAIOMediaPlatform-IntegratedServer-AppServer - ok
11:54:26.0937 0x112c  [ B74A27540B0B7FE393A882B94B0D2188 ] VAIOMediaPlatform-IntegratedServer-HTTP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
11:54:26.0937 0x112c  VAIOMediaPlatform-IntegratedServer-HTTP - ok
11:54:27.0000 0x112c  [ 4914B65DCCF68CB95C2D1303C7264C8C ] VAIOMediaPlatform-IntegratedServer-UPnP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
11:54:27.0046 0x112c  VAIOMediaPlatform-IntegratedServer-UPnP - ok
11:54:27.0062 0x112c  Vcsw - ok
11:54:27.0093 0x112c  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
11:54:27.0093 0x112c  VgaSave - ok
11:54:27.0093 0x112c  ViaIde - ok
11:54:27.0156 0x112c  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
11:54:27.0156 0x112c  VolSnap - ok
11:54:27.0203 0x112c  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
11:54:27.0218 0x112c  VSS - ok
11:54:27.0406 0x112c  [ EB94A2C1F99E9E1634683B916F4EB1A2 ] vToolbarUpdater15.5.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
11:54:27.0500 0x112c  vToolbarUpdater15.5.0 - ok
11:54:27.0578 0x112c  [ 0BD64CCEA7B4BF25CA2FB9BF1444DFD9 ] VzCdbSvc        C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
11:54:27.0578 0x112c  VzCdbSvc - ok
11:54:27.0640 0x112c  [ E81E8C7DC7EBC6CEDE156EAAD5EF9C8E ] VzFw            C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
11:54:27.0640 0x112c  VzFw - ok
11:54:28.0046 0x112c  [ 7A4A198462FE786EE3CE80721A16F5A9 ] w29n51          C:\WINDOWS\system32\DRIVERS\w29n51.sys
11:54:28.0218 0x112c  w29n51 - ok
11:54:28.0234 0x112c  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
11:54:28.0250 0x112c  W32Time - ok
11:54:28.0265 0x112c  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:54:28.0265 0x112c  Wanarp - ok
11:54:28.0328 0x112c  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
11:54:28.0343 0x112c  Wdf01000 - ok
11:54:28.0359 0x112c  WDICA - ok
11:54:28.0390 0x112c  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
11:54:28.0390 0x112c  wdmaud - ok
11:54:28.0437 0x112c  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
11:54:28.0437 0x112c  WebClient - ok
11:54:28.0500 0x112c  [ C1D5CBD8AA0D674DA1BA1BB189696396 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
11:54:28.0546 0x112c  winachsf - ok
11:54:28.0640 0x112c  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
11:54:28.0656 0x112c  winmgmt - ok
11:54:28.0750 0x112c  [ 18F347402DA544A780949B8FDF83351B ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
11:54:28.0828 0x112c  WinRM - ok
11:54:28.0890 0x112c  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
11:54:28.0890 0x112c  WmdmPmSN - ok
11:54:28.0937 0x112c  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:54:28.0937 0x112c  WmiApSrv - ok
11:54:29.0062 0x112c  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
11:54:29.0109 0x112c  WMPNetworkSvc - ok
11:54:29.0218 0x112c  [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:54:29.0250 0x112c  WPFFontCache_v0400 - ok
11:54:29.0296 0x112c  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
11:54:29.0296 0x112c  wscsvc - ok
11:54:29.0312 0x112c  WSearch - ok
11:54:29.0343 0x112c  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
11:54:29.0343 0x112c  wuauserv - ok
11:54:29.0406 0x112c  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:54:29.0406 0x112c  WudfPf - ok
11:54:29.0421 0x112c  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:54:29.0437 0x112c  WudfRd - ok
11:54:29.0453 0x112c  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
11:54:29.0453 0x112c  WudfSvc - ok
11:54:29.0531 0x112c  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
11:54:29.0562 0x112c  WZCSVC - ok
11:54:29.0609 0x112c  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
11:54:29.0609 0x112c  xmlprov - ok
11:54:29.0640 0x112c  ================ Scan global ===============================
11:54:29.0671 0x112c  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:54:29.0718 0x112c  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
11:54:29.0734 0x112c  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
11:54:29.0765 0x112c  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:54:29.0765 0x112c  [Global] - ok
11:54:29.0765 0x112c  ================ Scan MBR ==================================
11:54:29.0781 0x112c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
11:54:30.0093 0x112c  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:54:30.0093 0x112c  \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:54:30.0109 0x112c  ================ Scan VBR ==================================
11:54:30.0109 0x112c  [ 9E1D686F6E00C8ECEDC0B73EF12F45B3 ] \Device\Harddisk0\DR0\Partition1
11:54:30.0109 0x112c  \Device\Harddisk0\DR0\Partition1 - ok
11:54:30.0109 0x112c  ============================================================
11:54:30.0109 0x112c  Scan finished
11:54:30.0109 0x112c  ============================================================
11:54:30.0125 0x1718  Detected object count: 1
11:54:30.0125 0x1718  Actual detected object count: 1
11:54:48.0578 0x1718  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:54:48.0578 0x1718  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:55:06.0234 0x12c0  Deinitialize success
 



#4 Broni


Posted 13 September 2013 - 05:04 PM

Well, first of all I'd suggest you PM boopme with some apology for abandoning the other topic.

 

Then...

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave reading the results to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt


Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run, then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE. Do NOT wrap your logs in "quote" or "code" brackets.




 


#5 Shawnee2


Posted 13 September 2013 - 09:51 PM

Apology sent. Attached are the scan results:

 

 Results of screen317's Security Check version 0.99.73 
 Windows XP Service Pack 3 x86  
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
 AVG 2013    
 AVG PC TuneUp   
 AVG 2013    
 AVG PC TuneUp   
 AVG PC TuneUp Language Pack (en-US)
 ESET Online Scanner v3  
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File 
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware version 1.75.0.1300 
 AVG PC TuneUp  
 AVG PC TuneUp Language Pack (en-US)
 CCleaner    
 Java 7 Update 25 
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
````````Process Check: objlist.exe by Laurent```````` 
 Spybot Teatimer.exe is disabled!
 AVG avgwdsvc.exe
 AVG avgrsx.exe
 AVG avgnsx.exe
 AVG avgemc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 2%
````````````````````End of Log``````````````````````
 

Farbar Service Scanner Version: 13-09-2013
Ran by JD (administrator) on 13-09-2013 at 21:51:55
Running from "C:\Documents and Settings\JD\Local Settings\Temporary Internet Files\Content.IE5\QWOKCQ1G"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".

sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".

System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Other Services:
==============

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(9) Avgfwfd(17) Avgtdix(16) Gpc(6) IPSec(4) NetBT(5) PSched(7) s24trans(8) Tcpip(3)
0x11000000040000000100000002000000030000000A0000000B0000000C0000000D0000000E0000000F00000011000000100000000500000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by JD (administrator) on 13-09-2013 at 21:54:15
Running from "C:\Documents and Settings\JD\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

127.0.0.1 localhost

There are 15433 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® PRO/Wireless 2200BG Network Connection = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)

# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Network Connect Adapter"

set address name="Network Connect Adapter" source=dhcp
set dns name="Network Connect Adapter" source=dhcp register=PRIMARY
set wins name="Network Connect Adapter" source=dhcp

popd
# End of interface IP configuration

 

Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : 078A6A7107074FC

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : carolina.rr.com

 

Ethernet adapter Wireless Network Connection:

 

        Connection-specific DNS Suffix  . : carolina.rr.com

        Description . . . . . . . . . . . : Intel® PRO/Wireless 2200BG Network Connection

        Physical Address. . . . . . . . . : 00-16-6F-82-BB-FB

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.110

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 209.18.47.61

                                            209.18.47.62

                                            192.168.1.1

        Lease Obtained. . . . . . . . . . : Friday, September 13, 2013 9:19:50 PM

        Lease Expires . . . . . . . . . . : Saturday, September 14, 2013 9:19:50 PM

 

Ethernet adapter Local Area Connection:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

        Physical Address. . . . . . . . . : 00-13-A9-2F-37-CE

 

Ethernet adapter Network Connect Adapter:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter

        Physical Address. . . . . . . . . : 00-FF-08-B3-EE-86

Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  74.125.228.65, 74.125.228.66, 74.125.228.67, 74.125.228.68
   74.125.228.69, 74.125.228.70, 74.125.228.71, 74.125.228.72, 74.125.228.73
   74.125.228.78, 74.125.228.64

 

Pinging google.com [74.125.228.67] with 32 bytes of data:

 

Reply from 74.125.228.67: bytes=32 time=78ms TTL=54

Reply from 74.125.228.67: bytes=32 time=50ms TTL=54

 

Ping statistics for 74.125.228.67:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 50ms, Maximum = 78ms, Average = 64ms

Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

 

Reply from 98.139.183.24: bytes=32 time=77ms TTL=49

Reply from 98.139.183.24: bytes=32 time=71ms TTL=49

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 71ms, Maximum = 77ms, Average = 74ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 6f 82 bb fb ...... Intel® PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport
0x3 ...00 13 a9 2f 37 ce ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
0x10005 ...00 ff 08 b3 ee 86 ...... Juniper Network Connect Virtual Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.110   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      169.254.0.0      255.255.0.0    192.168.1.110   192.168.1.110   20
      192.168.1.0    255.255.255.0    192.168.1.110   192.168.1.110   25
    192.168.1.110  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255    192.168.1.110   192.168.1.110   25
        224.0.0.0        240.0.0.0    192.168.1.110   192.168.1.110   25
  255.255.255.255  255.255.255.255    192.168.1.110   192.168.1.110   1
  255.255.255.255  255.255.255.255    192.168.1.110               3   1
  255.255.255.255  255.255.255.255    192.168.1.110           10005   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/13/2013 07:11:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9156

Error: (09/13/2013 07:11:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9156

Error: (09/13/2013 07:11:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/13/2013 07:11:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6625

Error: (09/13/2013 07:11:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6625

Error: (09/13/2013 07:11:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/13/2013 07:11:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4672

Error: (09/13/2013 07:11:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4672

Error: (09/13/2013 07:11:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/13/2013 07:11:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2656

System errors:
=============
Error: (09/13/2013 07:09:00 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403

Error: (09/13/2013 06:44:47 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater15.5.0 service failed to start due to the following error:
%%2

Error: (09/13/2013 06:44:47 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (09/13/2013 06:44:47 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (09/13/2013 06:44:47 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service depends on the Secondary Logon service which failed to start because of the following error:
%%1058

Error: (09/13/2013 06:44:47 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (09/13/2013 06:44:47 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (09/13/2013 06:44:47 PM) (Source: Service Control Manager) (User: )
Description: The Help and Support service terminated with the following error:
%%126

Error: (09/13/2013 06:09:00 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403

Error: (09/13/2013 05:09:00 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403

Microsoft Office Sessions:
=========================
Error: (09/13/2013 07:11:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9156

Error: (09/13/2013 07:11:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9156

Error: (09/13/2013 07:11:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/13/2013 07:11:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6625

Error: (09/13/2013 07:11:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6625

Error: (09/13/2013 07:11:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/13/2013 07:11:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4672

Error: (09/13/2013 07:11:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4672

Error: (09/13/2013 07:11:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/13/2013 07:11:15 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2656

=========================== Installed Programs ============================

Adobe Acrobat XI Pro (Version: 11.0.04)
Adobe AIR (Version: 3.8.0.870)
Adobe Download Assistant (Version: 1.2.6)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Photoshop Elements 11 (Version: 11.0)
Adobe Premiere Elements 11 (Version: 11.0)
Adobe Reader X (10.1.7) (Version: 10.1.7)
ALDLView v0.0-1
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3222)
AVG 2013 (Version: 13.0.3408)
AVG 2013 (Version: 2013.0.3408)
AVG PC TuneUp (Version: 12.0.4000.108)
AVG PC TuneUp Language Pack (en-US) (Version: 12.0.4000.108)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.05)
Click to DVD 2.0.03 Menu Data (Version: 2.0.03)
Click to DVD 2.5.20 (Version: 2.5.20)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Cricut ™ Driver v2.01 (Version: 2.01)
Cricut Craft Room® (Version: 1.0.179)
Cricut Craft Room® (Version: v1.0 build-179)
DVgate Plus
Elements 11 Organizer (Version: 11.0)
ESET Online Scanner v3
Google Update Helper (Version: 1.3.21.135)
GPL Ghostscript 8.71
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HP Deskjet 3050A J611 series Basic Device Software (Version: 28.0.1315.0)
HP Deskjet 3050A J611 series Help (Version: 140.0.2.2)
HP Deskjet 3050A J611 series Product Improvement Study (Version: 28.0.1315.0)
HP Update (Version: 5.003.003.001)
HPDiagnosticCoreDll (Version: 1.0.3.0)
Image Converter 2 Plus (Version: 2.2.04)
Intel® Graphics Media Accelerator Driver for Mobile (Version: 6.14.10.4363)
Intel® PRO Network Connections Drivers
Intel® PROSet/Wireless Software
InterVideo WinDVD for VAIO (Version: 5.0-B11.739)
ISScript (Version: 3.00.185)
iTunes (Version: 11.0.2.26)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Juniper Networks Network Connect 7.1.0 (Version: 7.1.0.18193)
Juniper Networks, Inc. Setup Client (Version: 7.1.2.10059)
LAN-Express AS IEEE 802.11 Wireless LAN
Macromedia Flash Player 8 (Version: 8.0.22.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
mCore (Version: 1.40.0000)
mDriver (Version: 1.40.0000)
Memory Stick Formatter
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Data Access Components KB870669
Microsoft Download Manager (Version: 1.2.1)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft SQL Server Desktop Engine (VAIO_VEDB) (Version: 8.00.761)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mMHouse (Version: 1.40.0000)
mPfMgr (Version: 1.40.0000)
mProSafe (Version: 9.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.00.3883.8)
mWlsSafe (Version: 9.00.0000)
mXML (Version: 1.40.0000)
Office 2003 Trial Assistant (Version: 1.0.0)
OpenMG Secure Module 4.4.00 (Version: 4.4.00.11241)
PRE11 STI Installer (Version: 11.0)
PSE11 STI Installer (Version: 11.0)
Realtek High Definition Audio Driver (Version: 1.92)
Recuva (Version: 1.42)
Roxio DigitalMedia Audio (Version: 2.0.4)
Roxio DigitalMedia Copy (Version: 2.0.4)
Roxio DigitalMedia Data (Version: 2.0.4)
Setting Utility Series
Sony Certificate PCH
Sony MP4 Shared Library (Version: 2.0)
Sony Utilities DLL
Spybot - Search & Destroy (Version: 2.1.20)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
VAIO Breeze Wallpaper
VAIO Central (Version: 1.1.02.071205)
VAIO Entertainment Platform (Version: 1.3.30.11290)
VAIO Event Service (Version: 2.2.00.06130)
VAIO Light Flo Wallpaper
VAIO Media 5.0 (Version: 5.0.10)
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 5.0
VAIO Media Redistribution 5.0 (Version: 5.0.10)
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
VAIO Power Management (Version: 1.7.01.10190)
VAIO Registration (Version: 16.1.0)
VAIO Security Center (Version: 2.01.0222)
VAIO Support Central (Version: 1.1.0.051121)
VAIO Update 2
VAIO Wireless LAN Setup Utility
VAIOSurveySA (Version: 4.02)
WebFldrs XP (Version: 9.50.7523)
WinALDL
Windows Backup Utility (Version: 5.1)
Windows Media Format 11 runtime
Windows Media Player 11

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 74%
Total physical RAM: 1014.42 MB
Available physical RAM: 261.71 MB
Total Pagefile: 2441.76 MB
Available Pagefile: 1701.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.6 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:68.52 GB) (Free:47.05 GB) NTFS

========================= Users: ========================================

User accounts for \\078A6A7107074FC

Administrator            ASPNET                   Guest                   
HelpAssistant            JD                       SUPPORT_388945a0        

**** End of log ****

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.13.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
JD :: 078A6A7107074FC [administrator]

9/13/2013 10:03:14 PM
mbam-log-2013-09-13 (22-03-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 242948
Time elapsed: 9 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1005
www.malwarebytes.org

Database version: v2013.09.13.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
JD :: 078A6A7107074FC [administrator]

9/13/2013 10:18:22 PM
mbar-log-2013-09-13 (22-18-22).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 245003
Time elapsed: 8 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

 

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.729000 GHz
Memory total: 1063698432, free: 218996736

Downloaded database version: v2013.09.13.11
Downloaded database version: v2013.08.06.01
=======================================
Initializing...
------------ Kernel report ------------
     09/13/2013 22:18:07
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
compbatt.sys
\WINDOWS\system32\DRIVERS\BATTC.SYS
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
intelide.sys
pcmcia.sys
MountMgr.sys
ftdisk.sys
ACPIEC.sys
\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
PxHelp20.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
avgrkx86.sys
avglogx.sys
avgmfx86.sys
avgidshx.sys
\SystemRoot\system32\DRIVERS\nic1394.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\ialmnt5.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\tifmsony.sys
\SystemRoot\system32\DRIVERS\w29n51.sys
\SystemRoot\system32\DRIVERS\e100b325.sys
\SystemRoot\System32\Drivers\SonyNC.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\Apfiltr.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\dsNcAdpt.sys
\SystemRoot\system32\DRIVERS\avgfwdx.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\HSFHWAZL.sys
\SystemRoot\system32\DRIVERS\HSF_DPV.sys
\SystemRoot\system32\DRIVERS\HSF_CNXT.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\WINDOWS\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\DMICall.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\ialmdnt5.dll
\SystemRoot\System32\ialmrnt5.dll
\SystemRoot\System32\ialmdev5.DLL
\SystemRoot\System32\ialmdd5.DLL
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\AegisP.sys
\SystemRoot\system32\DRIVERS\s24trans.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\DRIVERS\srv.sys
\??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
\SystemRoot\system32\drivers\kmixer.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR3
Upper Device Object: 0xffffffff86424ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007e\
Lower Device Object: 0xffffffff86424030
Lower Device Driver Name: \Driver\tifmsony\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff87192ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-4\
Lower Device Object: 0xffffffff871a7d98
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff87192ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87191e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff87192ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff871a8358, DeviceName: \Device\00000076\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff871a7d98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2226EB33

Partition information:

    Partition 0 type is Other (0x12)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 12594897

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 12594960  Numsec = 143701425
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 80026361856 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-156281488-156301488)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff86424ab8, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86e9b678, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86424ab8, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86424030, DeviceName: \Device\0000007e\, DriverName: \Driver\tifmsony\
------------ End ----------
Scan finished
=======================================

Removal queue found; removal started
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_12594960_i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished

 

 

 

Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/13/2013 10:30:36 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * System Restore Disabled

   [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
   "DisableSR" = dword:00000001

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]

Checking Windows Service Integrity:

 * System Restore Service (srservice) is not Running.
   Startup Type set to: Automatic

 * System Restore Filter Driver (sr) is not Running.
   Startup Type set to: Disabled

 * helpsvc => %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

 * C:\WINDOWS\System32\drivers\stream.sys : 48,768 : 11/04/2005 08:55 PM : d5dbd4bdb329c8ca55b925d721c1b42e [NoSig]
 +-> C:\WINDOWS\ServicePackFiles\i386\stream.sys : 49,408 : 04/13/2008 02:45 PM : 3e5d89099ded9e86e5639f411693218f [Pos Repl]

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  20 out of 15453 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 09/13/2013 10:31:50 PM
Execution time: 0 hours(s), 1 minute(s), and 13 seconds(s)

 

 

Thanks for the help.



#6 Broni

Posted 13 September 2013 - 10:10 PM

Looks clean.

There are some registry issues but we'll get to it later.

 

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


=============================================================================

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


=======================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.




 


#7 Shawnee2


Posted 14 September 2013 - 12:46 PM

Running better so far.  Here are the logs:

 

# AdwCleaner v3.003 - Report created 14/09/2013 at 11:15:38
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : JD - 078A6A7107074FC
# Running from : C:\Documents and Settings\JD\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\JD\IECompatCache

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\Software\Description

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

*************************

AdwCleaner[R0].txt - [6449 octets] - [13/09/2013 12:03:00]
AdwCleaner[R1].txt - [867 octets] - [14/09/2013 11:14:02]
AdwCleaner[S0].txt - [6666 octets] - [13/09/2013 12:14:49]
AdwCleaner[S1].txt - [795 octets] - [14/09/2013 11:15:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [854 octets] ##########

 

# AdwCleaner v3.003 - Report created 14/09/2013 at 11:14:02
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : JD - 078A6A7107074FC
# Running from : C:\Documents and Settings\JD\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found C:\Documents and Settings\JD\IECompatCache

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKLM\Software\Description

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

*************************

AdwCleaner[R0].txt - [6449 octets] - [13/09/2013 12:03:00]
AdwCleaner[R1].txt - [669 octets] - [14/09/2013 11:14:02]
AdwCleaner[S0].txt - [6666 octets] - [13/09/2013 12:14:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [788 octets] ##########

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Microsoft Windows XP x86
Ran by JD on Sat 09/14/2013 at 11:26:21.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2469503557-1655231335-3323507706-1006\Software\SweetIM

 

~~~ Files

 

~~~ Folders

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 09/14/2013 at 11:30:32.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

No issues found with ESET

 

What next?  Thanks for your help.



#8 Broni


Posted 14 September 2013 - 03:52 PM

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:




Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:



Go to Step 4 and under "System Restore" click on Create button:



Go to Start Repairs tab and click Start button.

Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.


Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

 

Post fresh FSS log as well.




 


#9 Shawnee2


Posted 14 September 2013 - 05:25 PM

Cannot run step 3 as it is requesting a CD that I do not have.  Skip step 3 and continue?



#10 Broni


Posted 14 September 2013 - 05:48 PM

It clearly means there are some problems with system files and we have to fix it.

Ask around. Someone may have XP CD.




 


#11 Shawnee2


Posted 16 September 2013 - 09:55 AM

Could not find XP discs that would work.  Found a set for an HP computer but they did not work for step 3.  These are the messages I get when trying to run:

Note from Tweaking.com:  For Windows XP and 2003 you will need Windows CD.

Files that are required for Windows to run properly must be copied to the DLL Cache

 

Here is the log file for the repair (there are 11 files, so I am not sure I got the correct one) and FSS:

Starting Repairs...
   Start (9/16/2013 9:50:28 AM)

01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (9/16/2013 9:50:28 AM)
   Running Repair Under Current User Account
   Done (9/16/2013 9:50:50 AM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (9/16/2013 9:50:50 AM)
   Running Repair Under System Account
   Done (9/16/2013 9:52:17 AM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (9/16/2013 9:52:17 AM)
   Running Repair Under System Account
   Done (9/16/2013 9:52:53 AM)

03 - Register System Files
   Start (9/16/2013 9:52:53 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 9:58:43 AM)

04 - Repair WMI
   Start (9/16/2013 9:58:43 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:04:22 AM)

05 - Repair Windows Firewall
   Start (9/16/2013 10:04:22 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:04:37 AM)

06 - Repair Internet Explorer
   Start (9/16/2013 10:04:37 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:08:29 AM)

07 - Repair MDAC/MS Jet
   Start (9/16/2013 10:08:29 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:08:48 AM)

08 - Repair Hosts File
   Start (9/16/2013 10:08:48 AM)
   Running Repair Under System Account
   Done (9/16/2013 10:08:50 AM)

09 - Remove Policies Set By Infections
   Start (9/16/2013 10:08:50 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:08:55 AM)

11 - Repair Icons
   Start (9/16/2013 10:08:55 AM)
   Running Repair Under System Account
   Done (9/16/2013 10:08:57 AM)

12 - Repair Winsock & DNS Cache
   Start (9/16/2013 10:08:57 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:09:10 AM)

14 - Repair Proxy Settings
   Start (9/16/2013 10:09:10 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:09:14 AM)

16 - Repair Windows Updates
   Start (9/16/2013 10:09:14 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:10:56 AM)

17 - Repair CD/DVD Missing/Not Working
   Start (9/16/2013 10:10:56 AM)
   Done (9/16/2013 10:10:56 AM)

18 - Repair Volume Shadow Copy Service
   Start (9/16/2013 10:10:56 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:11:21 AM)

20 - Repair MSI (Windows Installer)
   Start (9/16/2013 10:11:21 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:11:34 AM)

22.01 - Repair bat Association
   Start (9/16/2013 10:11:34 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:11:38 AM)

22.02 - Repair cmd Association
   Start (9/16/2013 10:11:38 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:11:43 AM)

22.03 - Repair com Association
   Start (9/16/2013 10:11:43 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:11:48 AM)

22.04 - Repair Directory Association
   Start (9/16/2013 10:11:48 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:11:52 AM)

22.05 - Repair Drive Association
   Start (9/16/2013 10:11:52 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:11:57 AM)

22.06 - Repair exe Association
   Start (9/16/2013 10:11:57 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:02 AM)

22.07 - Repair Folder Association
   Start (9/16/2013 10:12:02 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:08 AM)

22.08 - Repair inf Association
   Start (9/16/2013 10:12:08 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:13 AM)

22.09 - Repair lnk (Shortcuts) Association
   Start (9/16/2013 10:12:13 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:17 AM)

22.10 - Repair msc Association
   Start (9/16/2013 10:12:17 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:22 AM)

22.11 - Repair reg Association
   Start (9/16/2013 10:12:22 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:27 AM)

22.12 - Repair scr Association
   Start (9/16/2013 10:12:27 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:31 AM)

23 - Repair Windows Safe Mode
   Start (9/16/2013 10:12:31 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:36 AM)

24 - Repair Print Spooler
   Start (9/16/2013 10:12:36 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:45 AM)

25 - Restore Important Windows Services
   Start (9/16/2013 10:12:45 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:12:51 AM)

26 - Set Windows Services To Default Startup
   Start (9/16/2013 10:12:51 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/16/2013 10:13:33 AM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done (9/16/2013 10:13:33 AM)
   Total Repair Time: 00:23:05

...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account

 

 

Farbar Service Scanner Version: 13-09-2013
Ran by JD (administrator) on 16-09-2013 at 10:43:30
Running from "C:\Documents and Settings\JD\Local Settings\Temporary Internet Files\Content.IE5\5QCGO1X9"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Other Services:
==============

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(9) Avgfwfd(17) Avgtdix(16) Gpc(6) IPSec(4) NetBT(5) PSched(7) s24trans(8) Tcpip(3)
0x11000000040000000100000002000000030000000A0000000B0000000C0000000D0000000E0000000F00000011000000100000000500000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****

 

 

Let me know what else needs to be done.  Thanks for your help.



#12 Broni


Posted 16 September 2013 - 06:18 PM

Unfortunately there is no way around if some system files are corrupted or missing.

You need to find XP CD.




 




