Computer not shutting down, some malware found


5 replies to this topic

#1 sportsfroma2


Posted 24 February 2014 - 09:53 PM

Hello,

My friend has a Windows XP desktop; the biggest problem is that he was unable to shut the computer down.... After 15 minutes of waiting for anything to happen he just holds down the power button to shut it down.

The first thing I noticed is that his AV program (MSE) was turned off, and he had some toolbars (Ask toolbar for sure, looks like there were more).

I ran some anti-malware scans hoping that would help this problem - while stuff has been located and cleaned, the computer is still sluggish/slow and it still doesn't shut down.

I'm guessing there's some more malware but I just don't know.

Anyway, here's what I have done/found so far:

mbam full scan result from 2/19:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.19.13

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Administrator :: NICK [administrator]

2/19/2014 7:51:32 PM
mbam-log-2014-02-19 (19-51-32).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 352324
Time elapsed: 46 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 9
HKCR\CLSID\{1293052B-946D-47F9-8F5D-4652573E59D3} (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1293052B-946D-47F9-8F5D-4652573E59D3} (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1293052B-946D-47F9-8F5D-4652573E59D3} (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1293052B-946D-47F9-8F5D-4652573E59D3} (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3315826 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\ValueApps (PUP.Optional.ValueApps.A) -> Quarantined and deleted successfully.

Registry Values Detected: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{1293052B-946D-47F9-8F5D-4652573E59D3} (PUP.Optional.Conduit) -> Data: +“m”ùG]FRW>YÓ -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{1293052B-946D-47F9-8F5D-4652573E59D3} (PUP.Optional.Conduit) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{1293052B-946D-47F9-8F5D-4652573E59D3} (PUP.Optional.Conduit) -> Data: InternetHelper3.5 Toolbar -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|APISupport (PUP.Optional.Conduit.A) -> Data: "C:\WINDOWS\system32\Rundll32.exe" "C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit\APISupport\APISupport.dll",DLLRunAPISupport -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 15
C:\Documents and Settings\All Users\Application Data\Conduit\IE (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Conduit\IE\CT3315826 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\content\resources (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\locale\en-US (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\content\libraries (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\resources (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\locale (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\skin (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\content (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\libraries (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\defaults (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\defaults\preferences (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.

Files Detected: 185
C:\Program Files\InternetHelper3.5\prxtbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit\CT3315826\InternetHelper3.5AutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\InternetHelper3.5\hk64tbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\InternetHelper3.5\hktbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\InternetHelper3.5\ldrtbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\InternetHelper3.5\tbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\FirstRowSportApp_setup(37).exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\FreeFileViewer2010Setup(2).exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\FreeFileViewer2010Setup.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\setup(1).exe (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\SoftonicDownloader_for_grand-theft-auto-san-andreas.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\SoftonicDownloader_for_steam(1).exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\SoftonicDownloader_for_steam.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\Softonic_downloader_autodesk-dwg-trueview(1).exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\Softonic_downloader_autodesk-dwg-trueview.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Documents and Settings\michelle coe\Local Settings\Application Data\InternetHelper3.5\hk64tbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Documents and Settings\michelle coe\Local Settings\Application Data\InternetHelper3.5\hktbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Documents and Settings\michelle coe\Local Settings\Application Data\InternetHelper3.5\ldrtbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Documents and Settings\michelle coe\Local Settings\Application Data\InternetHelper3.5\tbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files\InternetHelper3.5\hk64tbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files\InternetHelper3.5\hktbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files\InternetHelper3.5\InternetHelper3.5ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files\InternetHelper3.5\ldrtbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files\InternetHelper3.5\tbInte.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Conduit\IE\CT3315826\configutaion.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Conduit\IE\CT3315826\SetupIcon.ico (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Conduit\IE\CT3315826\UninstallerUI.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\content\libraries\DataExchangeScript.js (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\source.crx (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\unins000.dat (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\install.rdf (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\resources\localscript.js (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\content\resources\localscript.js (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\locale\en-US\overlay.dtd (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\skin\overlay.css (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\libraries\DataExchangeScript.js (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\content\main.js (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\chrome\content\main.xul (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Program Files\IB Updater\Firefox\defaults\preferences\defaults.js (PUP.Optional.IBUpdater) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\FreeFileViewer2010Setup(2).exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\FreeFileViewer2010Setup.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\SoftonicDownloader_for_grand-theft-auto-san-andreas.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\Softonic_downloader_autodesk-dwg-trueview.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\Softonic_downloader_autodesk-dwg-trueview(1).exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\SoftonicDownloader_for_steam.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\SoftonicDownloader_for_steam(1).exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.

(end)

_______________

mbam scan/result from 2/24 today

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.24.01

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Administrator :: NICK [administrator]

2/24/2014 12:53:44 AM
mbam-log-2014-02-24 (00-53-44).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 353927
Time elapsed: 2 hour(s), 9 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP822\A0086404.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP822\A0086405.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP822\A0086406.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP825\A0087659.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)

____________________________

ADW from 2/19:

# AdwCleaner v3.019 - Report created 19/02/2014 at 23:50:16
# Updated 17/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - NICK
# Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ADDICT-THING
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\FirstRowSportApp.com
Folder Deleted : C:\Program Files\optimizer pro
Folder Deleted : C:\Program Files\Search Results Toolbar
Folder Deleted : C:\Program Files\UtilityChest_49
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\Program Files\InternetHelper3.5
Folder Deleted : C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Documents and Settings\michelle coe\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\michelle coe\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\michelle coe\Local Settings\Application Data\visi_coupon
Folder Deleted : C:\Documents and Settings\michelle coe\Local Settings\Application Data\InternetHelper3.5
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\iLivid
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\NativeMessaging
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\visi_coupon
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\WhiteListing
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\InternetHelper3.5
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\ilividtoolbarguid
Folder Deleted : C:\Documents and Settings\michelle coe\Application Data\Mozilla\Firefox\Profiles\mwxxoi7i.default\ilividtoolbarguid
Folder Deleted : C:\Documents and Settings\michelle coe\Application Data\Mozilla\Firefox\Profiles\mwxxoi7i.default\Extensions\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Folder Deleted : C:\Documents and Settings\michelle coe\Application Data\Mozilla\Firefox\Profiles\mwxxoi7i.default\Extensions\49ffxtbr@UtilityChest_49.com
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3315826
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{419BBD46-1AE1-4096-B7A3-C5CE80818AED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{419BBD46-1AE1-4096-B7A3-C5CE80818AED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0DBDE286-014B-4AAC-BCE3-F5E6BD8838DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F81E051-0025-4E4F-B752-208F10566D27}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\InternetHelper3.5
Key Deleted : HKCU\Software\AppDataLow\AskBarDis
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\InternetHelper3.5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v18.0 (en-US)

[ File : C:\Documents and Settings\michelle coe\Application Data\Mozilla\Firefox\Profiles\mwxxoi7i.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=F-ET&o=14406&locale=en_US&apn_uid=51178079-39A8-406D-909D-22BC5BED72E2&apn_ptnrs=FU&apn_sauid=26B1E522-7CD2-48ED-BF19-D7[...]

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\xpnfs4wb.default-1392871144062\prefs.js ]


-\\ Google Chrome v32.0.1700.76

[ File : C:\Documents and Settings\michelle coe\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [11735 octets] - [19/02/2014 23:48:21]
AdwCleaner[S0].txt - [11731 octets] - [19/02/2014 23:50:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11792 octets] ##########

______________

ADW from last night:

# AdwCleaner v3.019 - Report created 23/02/2014 at 23:21:45
# Updated 17/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - NICK
# Running from : C:\Documents and Settings\All Users\Documents\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v18.0 (en-US)

[ File : C:\Documents and Settings\michelle coe\Application Data\Mozilla\Firefox\Profiles\mwxxoi7i.default\prefs.js ]


[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\xpnfs4wb.default-1392871144062\prefs.js ]


-\\ Google Chrome v32.0.1700.76

[ File : C:\Documents and Settings\michelle coe\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11735 octets] - [19/02/2014 23:48:21]
AdwCleaner[R1].txt - [1380 octets] - [23/02/2014 23:06:36]
AdwCleaner[R2].txt - [1239 octets] - [23/02/2014 23:21:45]
AdwCleaner[S0].txt - [11873 octets] - [19/02/2014 23:50:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1360 octets] ##########

________________________________________

ESET's Online scanner from IE:

C:\Documents and Settings\Administrator\Desktop\Old Firefox Data\y8lqpqv5.default\extensions\plugin@yontoo.com.xpi    Win32/Adware.Yontoo application    deleted - quarantined
C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit\APISupport\MiniSP_1.0.1.36\MiniSP.dll    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit\APISupport\MiniSP_1.0.2.40\MiniSP.dll    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Administrator\My Documents\Downloads\DownloadSetup(1).exe    Win32/InstallMate.A potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Administrator\My Documents\Downloads\DownloadSetup(2).exe    Win32/InstallMate.A potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Administrator\My Documents\Downloads\DownloadSetup.exe    Win32/InstallMate.A potentially unwanted application    deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\Search Results Toolbar\Datamngr\ChromeExtension\lib\default-config.js.vir    JS/Bandoo.A potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP822\A0086395.exe    Win32/Toolbar.Conduit.V potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP822\A0086407.dll    probably a variant of Win32/Conduit.SearchProtect.C potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP822\A0086408.dll    probably a variant of Win32/Conduit.SearchProtect.C potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP900\A0098659.dll    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0118945.dll    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127203.dll    Win32/Toolbar.Conduit.X potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127204.exe    Win32/Toolbar.Conduit.V potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127205.dll    Win64/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127206.dll    Win32/Toolbar.Conduit.X potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127207.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127208.dll    a variant of Win32/Toolbar.Conduit.X potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127209.dll    Win64/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127210.dll    Win32/Toolbar.Conduit.X potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127211.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127212.dll    a variant of Win32/Toolbar.Conduit.X potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127213.dll    Win32/Toolbar.Conduit.Y potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127214.dll    Win64/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127215.dll    Win32/Toolbar.Conduit.X potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127216.exe    Win32/Toolbar.Conduit.V potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127217.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{B99C1D78-A8E0-4692-8153-05AA2E7A526A}\RP911\A0127218.dll    a variant of Win32/Toolbar.Conduit.X potentially unwanted application    deleted - quarantined

_____________________________________

MSE scans, SuperAntiVirus are both clean.

Thank you for reading this far and any help/advice will be appreciated!


Edited by sportsfroma2, 24 February 2014 - 09:55 PM.



#2 boopme


Posted 25 February 2014 - 12:20 PM

Hello sportsfroma

Let's also run these and see how it is after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


#3 sportsfroma2


Posted 25 February 2014 - 08:39 PM

Thanks Boopme!

Here are the results:

from minitoolbox (took 3 tries for this to work, the computer froze the first two tries - I wasn't connected to the internet when I ran this, wasn't sure if I needed to be connected)

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Administrator (administrator) on 25-02-2014 at 19:57:19
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : nick

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC

        Physical Address. . . . . . . . . : 00-1F-D0-D1-36-B6

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1f d0 d1 36 b6 ...... Realtek PCIe GBE Family Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
  255.255.255.255  255.255.255.255  255.255.255.255               2      1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/24/2014 06:38:34 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.4.304.00x8007043cupdatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL

Error: (02/23/2014 11:47:18 PM) (Source: Application Error) (User: )
Description: Faulting application superantispyware.exe, version 4.41.0.1000, faulting module unknown, version 0.0.0.0, fault address 0x05a99080.
Processing media-specific event for [superantispyware.exe!ws!]

Error: (02/23/2014 11:47:17 PM) (Source: Application Error) (User: )
Description: Faulting application syntpenh.exe, version 7.12.4.0, faulting module unknown, version 0.0.0.0, fault address 0x011a9080.
Processing media-specific event for [syntpenh.exe!ws!]

Error: (02/23/2014 11:47:16 PM) (Source: Application Error) (User: )
Description: Faulting application brctrcen.exe, version 2.0.15.7, faulting module unknown, version 0.0.0.0, fault address 0x01f39080.
Processing media-specific event for [brctrcen.exe!ws!]

Error: (02/23/2014 11:47:15 PM) (Source: Application Error) (User: )
Description: Faulting application rthdcpl.exe, version 2.2.9.0, faulting module unknown, version 0.0.0.0, fault address 0x10078760.
Processing media-specific event for [rthdcpl.exe!ws!]

Error: (02/23/2014 11:25:21 PM) (Source: Application Hang) (User: )
Description: Hanging application notepad.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/23/2014 11:25:07 PM) (Source: Application Hang) (User: )
Description: Hanging application AdwCleaner.exe, version 3.0.1.9, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/23/2014 11:23:07 PM) (Source: Application Error) (User: )
Description: Faulting application onenotem.exe, version 12.0.6500.5000, faulting module unknown, version 0.0.0.0, fault address 0x10078ca0.
Processing media-specific event for [onenotem.exe!ws!]

Error: (02/23/2014 11:23:00 PM) (Source: Application Error) (User: )
Description: Faulting application msseces.exe, version 4.4.304.0, faulting module unknown, version 0.0.0.0, fault address 0x10078760.
Processing media-specific event for [msseces.exe!ws!]

Error: (02/23/2014 11:22:48 PM) (Source: Application Error) (User: )
Description: Faulting application superantispyware.exe, version 4.41.0.1000, faulting module unknown, version 0.0.0.0, fault address 0x05b89080.
Processing media-specific event for [superantispyware.exe!ws!]


System errors:
=============
Error: (02/25/2014 07:56:14 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.167.201.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.4.0304.00

    Source Path: 4.4.0304.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (02/25/2014 07:56:14 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.167.201.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.4.0304.00

    Source Path: 4.4.0304.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (02/25/2014 07:56:14 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.167.201.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.4.0304.00

    Source Path: 4.4.0304.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (02/25/2014 07:56:09 PM) (Source: Service Control Manager) (User: )
Description: The X10 Device Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/25/2014 07:34:38 PM) (Source: Service Control Manager) (User: )
Description: The X10 Device Network Service service hung on starting.

Error: (02/24/2014 09:31:04 PM) (Source: DCOM) (User: NICK)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (02/24/2014 09:29:04 PM) (Source: DCOM) (User: NICK)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (02/24/2014 09:15:09 PM) (Source: Service Control Manager) (User: )
Description: The X10 Device Network Service service hung on starting.

Error: (02/24/2014 08:16:22 PM) (Source: Service Control Manager) (User: )
Description: The X10 Device Network Service service hung on starting.

Error: (02/24/2014 08:14:17 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1


Microsoft Office Sessions:
=========================
Error: (01/16/2014 06:48:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 533193 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (05/19/2013 05:27:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 688796 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (09/18/2011 11:41:20 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3493 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (06/17/2011 05:34:17 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 6949 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (01/06/2011 02:46:31 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/07/2010 03:12:49 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1243 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/11/2010 02:22:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 114 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (05/07/2010 00:17:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 13, Application Name: Microsoft Office OneNote, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/11/2010 04:03:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 616 seconds with 480 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

ActiveHome Pro
Adobe AIR (Version: 2.0.2.12610)
Adobe Download Manager (Version: 1.6.2.63)
Adobe Flash Player 12 Plugin (Version: 12.0.0.43)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Shockwave Player 11.5 (Version: 11.5.1.601)
Amazing Adventures: The Lost Tomb
Brother MFL-Pro Suite (Version: 1.00.000)
Call of Duty® - World at War™ (Version: 1.0)
Call of Duty® 4 - Modern Warfare™ (Version: 1.00.0000)
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
CCleaner (Version: 4.10)
Click to Call with Skype (Version: 5.6.8153)
Critical Update for Windows Media Player 11 (KB959772)
DWG TrueView 2013 (Version: 19.0.55.0)
ESET Online Scanner v3
Foxit PDF Editor (Version: 2.2.0.0205)
Foxit Reader
Google Chrome (Version: 33.0.1750.117)
Google Earth (Version: 7.1.1.1888)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.22.5)
LG USB Modem Drivers (Version: 4.8.1)
Logitech QuickCam for Enterprise (Version: 11.72.1072)
Logitech QuickCam for Enterprise Driver Package
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Ultimate 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 18.0 (x86 en-US) (Version: 18.0)
Mozilla Maintenance Service (Version: 27.0.1)
NVIDIA Drivers (Version: 1.3)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PaperPort (Version: 9.02.0814)
PunkBuster Services (Version: 0.986)
RCA Detective™ 2.0.0.98
RCA Digital Voice Manager 5.0.3.1
RealFlight G2 Simulator
RealFlight G3 R/C Simulator
Realtek High Definition Audio Driver
Skype™ 6.0 (Version: 6.0.126)
Steam (Version: 1.0.0.0)
StreamTorrent 1.0
SUPERAntiSpyware (Version: 4.41.1000)
Synaptics Pointing Device Driver (Version: 7.12.4.0)
System Requirements Lab
Unity Web Player (Version: 2.5.5b4_50)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB972636) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VLC media player 1.0.1 (Version: 1.0.1)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live OneCare safety scanner
Windows Management Framework Core
Windows Media Format 11 runtime
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 2046.42 MB
Available physical RAM: 1573.98 MB
Total Pagefile: 3939.27 MB
Available Pagefile: 3634.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.72 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149 GB) (Free:100.22 GB) NTFS
3 Drive d: (iMemories 163737-336847-1) (CDROM) (Total:2.85 GB) (Free:0 GB) UDF
4 Drive e: (OLD HardDrive) (Fixed) (Total:74.52 GB) (Free:48.04 GB) NTFS

========================= Users: ========================================

User accounts for \\NICK

Administrator            ASPNET                   Guest                    
HelpAssistant            michelle coe             SUPPORT_388945a0         


**** End of log ****

TDS:

19:58:23.0968 0x0174  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
19:58:26.0781 0x0174  ============================================================
19:58:26.0781 0x0174  Current date / time: 2014/02/25 19:58:26.0781
19:58:26.0781 0x0174  SystemInfo:
19:58:26.0781 0x0174  
19:58:26.0781 0x0174  OS Version: 5.1.2600 ServicePack: 3.0
19:58:26.0781 0x0174  Product type: Workstation
19:58:26.0781 0x0174  ComputerName: NICK
19:58:26.0781 0x0174  UserName: Administrator
19:58:26.0781 0x0174  Windows directory: C:\WINDOWS
19:58:26.0781 0x0174  System windows directory: C:\WINDOWS
19:58:26.0781 0x0174  Processor architecture: Intel x86
19:58:26.0781 0x0174  Number of processors: 2
19:58:26.0781 0x0174  Page size: 0x1000
19:58:26.0781 0x0174  Boot type: Normal boot
19:58:26.0781 0x0174  ============================================================
19:58:29.0875 0x0174  KLMD registered as C:\WINDOWS\system32\drivers\16219939.sys
19:58:30.0078 0x0174  System UUID: {4A3EDB1F-D0D0-5DD0-770D-39DDC951F05F}
19:58:30.0671 0x0174  Drive \Device\Harddisk0\DR0 - Size: 0x2540ADBE00 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:58:30.0671 0x0174  Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:58:30.0671 0x0174  ============================================================
19:58:30.0671 0x0174  \Device\Harddisk0\DR0:
19:58:30.0671 0x0174  MBR partitions:
19:58:30.0671 0x0174  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A011FC
19:58:30.0671 0x0174  \Device\Harddisk1\DR1:
19:58:30.0671 0x0174  MBR partitions:
19:58:30.0671 0x0174  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
19:58:30.0671 0x0174  ============================================================
19:58:30.0718 0x0174  C: <-> \Device\Harddisk0\DR0\Partition1
19:58:30.0750 0x0174  E: <-> \Device\Harddisk1\DR1\Partition1
19:58:30.0750 0x0174  ============================================================
19:58:30.0750 0x0174  Initialize success
19:58:30.0750 0x0174  ============================================================
19:58:37.0656 0x03f0  ============================================================
19:58:37.0656 0x03f0  Scan started
19:58:37.0656 0x03f0  Mode: Manual;
19:58:37.0656 0x03f0  ============================================================
19:58:37.0656 0x03f0  KSN ping started
19:58:37.0671 0x03f0  KSN ping finished: false
19:58:38.0218 0x03f0  ================ Scan system memory ========================
19:58:38.0218 0x03f0  System memory - ok
19:58:38.0218 0x03f0  ================ Scan services =============================
19:58:38.0328 0x03f0  Abiosdsk - ok
19:58:38.0328 0x03f0  abp480n5 - ok
19:58:38.0375 0x03f0  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:58:38.0375 0x03f0  ACPI - ok
19:58:38.0484 0x03f0  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
19:58:38.0484 0x03f0  ACPIEC - ok
19:58:38.0484 0x03f0  adpu160m - ok
19:58:38.0531 0x03f0  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
19:58:38.0531 0x03f0  aec - ok
19:58:38.0578 0x03f0  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
19:58:38.0578 0x03f0  AFD - ok
19:58:38.0578 0x03f0  Aha154x - ok
19:58:38.0593 0x03f0  aic78u2 - ok
19:58:38.0593 0x03f0  aic78xx - ok
19:58:38.0640 0x03f0  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
19:58:38.0640 0x03f0  Alerter - ok
19:58:38.0656 0x03f0  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
19:58:38.0656 0x03f0  ALG - ok
19:58:38.0656 0x03f0  AliIde - ok
19:58:38.0734 0x03f0  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
19:58:38.0781 0x03f0  Ambfilt - ok
19:58:38.0781 0x03f0  amsint - ok
19:58:38.0812 0x03f0  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
19:58:38.0812 0x03f0  AppMgmt - ok
19:58:38.0812 0x03f0  asc - ok
19:58:38.0812 0x03f0  asc3350p - ok
19:58:38.0828 0x03f0  asc3550 - ok
19:58:38.0968 0x03f0  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:58:38.0984 0x03f0  aspnet_state - ok
19:58:39.0015 0x03f0  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:58:39.0015 0x03f0  AsyncMac - ok
19:58:39.0062 0x03f0  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
19:58:39.0062 0x03f0  atapi - ok
19:58:39.0078 0x03f0  Atdisk - ok
19:58:39.0093 0x03f0  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:58:39.0093 0x03f0  Atmarpc - ok
19:58:39.0125 0x03f0  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
19:58:39.0125 0x03f0  AudioSrv - ok
19:58:39.0140 0x03f0  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
19:58:39.0140 0x03f0  audstub - ok
19:58:39.0187 0x03f0  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:58:39.0187 0x03f0  Beep - ok
19:58:39.0265 0x03f0  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
19:58:39.0328 0x03f0  BITS - ok
19:58:39.0375 0x03f0  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
19:58:39.0390 0x03f0  Browser - ok
19:58:39.0421 0x03f0  [ 92A964547B96D697E5E9ED43B4297F5A, 01A84802B68253FF093EAFED5B85DE716BB85EBD080D92D4814B6FB39286CD24 ] BrScnUsb        C:\WINDOWS\system32\Drivers\BrScnUsb.sys
19:58:39.0421 0x03f0  BrScnUsb - ok
19:58:39.0484 0x03f0  [ D48C13F4A409AEE8DAFADDAC81E34557, 111F686E529AD7AB622C50B60C19586EA0E8AD1DA5F53609FD6286E103AFF33F ] BrSerIf         C:\WINDOWS\system32\Drivers\BrSerIf.sys
19:58:39.0484 0x03f0  BrSerIf - ok
19:58:39.0515 0x03f0  [ 8FA0AC830A8312912A3AA0C0431CBA0D, C340D871AE68B035603A2CB7C2A2A56E989A91F93722F16157449FF96FD9FB3B ] BrUsbSer        C:\WINDOWS\system32\Drivers\BrUsbSer.sys
19:58:39.0515 0x03f0  BrUsbSer - ok
19:58:39.0609 0x03f0  catchme - ok
19:58:39.0640 0x03f0  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
19:58:39.0640 0x03f0  cbidf2k - ok
19:58:39.0640 0x03f0  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:58:39.0640 0x03f0  CCDECODE - ok
19:58:39.0656 0x03f0  cd20xrnt - ok
19:58:39.0687 0x03f0  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
19:58:39.0687 0x03f0  Cdaudio - ok
19:58:39.0750 0x03f0  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
19:58:39.0750 0x03f0  Cdfs - ok
19:58:39.0750 0x03f0  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:58:39.0765 0x03f0  Cdrom - ok
19:58:39.0765 0x03f0  Changer - ok
19:58:39.0781 0x03f0  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
19:58:39.0781 0x03f0  CiSvc - ok
19:58:39.0796 0x03f0  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
19:58:39.0796 0x03f0  ClipSrv - ok
19:58:39.0890 0x03f0  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:58:39.0890 0x03f0  clr_optimization_v2.0.50727_32 - ok
19:58:39.0937 0x03f0  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:58:39.0968 0x03f0  clr_optimization_v4.0.30319_32 - ok
19:58:39.0968 0x03f0  CmdIde - ok
19:58:39.0984 0x03f0  COMSysApp - ok
19:58:39.0984 0x03f0  Cpqarray - ok
19:58:39.0984 0x03f0  Crypkey License - ok
19:58:40.0031 0x03f0  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
19:58:40.0031 0x03f0  CryptSvc - ok
19:58:40.0031 0x03f0  dac2w2k - ok
19:58:40.0031 0x03f0  dac960nt - ok
19:58:40.0109 0x03f0  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:58:40.0125 0x03f0  DcomLaunch - ok
19:58:40.0140 0x03f0  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
19:58:40.0140 0x03f0  Dhcp - ok
19:58:40.0187 0x03f0  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
19:58:40.0187 0x03f0  Disk - ok
19:58:40.0187 0x03f0  dmadmin - ok
19:58:40.0234 0x03f0  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
19:58:40.0265 0x03f0  dmboot - ok
19:58:40.0265 0x03f0  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
19:58:40.0281 0x03f0  dmio - ok
19:58:40.0281 0x03f0  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
19:58:40.0281 0x03f0  dmload - ok
19:58:40.0312 0x03f0  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
19:58:40.0312 0x03f0  dmserver - ok
19:58:40.0375 0x03f0  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
19:58:40.0375 0x03f0  DMusic - ok
19:58:40.0421 0x03f0  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:58:40.0421 0x03f0  Dnscache - ok
19:58:40.0453 0x03f0  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:58:40.0453 0x03f0  Dot3svc - ok
19:58:40.0453 0x03f0  dpti2o - ok
19:58:40.0500 0x03f0  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:58:40.0500 0x03f0  drmkaud - ok
19:58:40.0531 0x03f0  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
19:58:40.0531 0x03f0  EapHost - ok
19:58:40.0562 0x03f0  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
19:58:40.0562 0x03f0  ERSvc - ok
19:58:40.0609 0x03f0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
19:58:40.0609 0x03f0  Eventlog - ok
19:58:40.0671 0x03f0  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
19:58:40.0671 0x03f0  EventSystem - ok
19:58:40.0687 0x03f0  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
19:58:40.0687 0x03f0  Fastfat - ok
19:58:40.0734 0x03f0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:58:47.0593 0x03f0  TlntSvr - ok
19:58:47.0609 0x03f0  TosIde - ok
19:58:47.0625 0x03f0  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
19:58:47.0625 0x03f0  TrkWks - ok
19:58:47.0625 0x03f0  TrueSight - ok
19:58:47.0640 0x03f0  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
19:58:47.0640 0x03f0  Udfs - ok
19:58:47.0640 0x03f0  ultra - ok
19:58:47.0703 0x03f0  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
19:58:47.0703 0x03f0  Update - ok
19:58:47.0765 0x03f0  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:58:47.0765 0x03f0  upnphost - ok
19:58:47.0796 0x03f0  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
19:58:47.0796 0x03f0  UPS - ok
19:58:47.0843 0x03f0  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
19:58:47.0843 0x03f0  usbaudio - ok
19:58:47.0875 0x03f0  [ 5AADC9297C39AA249CD994ACDBA19034, 42CD7BA4AC917A1EB9EA24E47A3316B75A0285BCD359A75F82A65580653F14C6 ] usbbus          C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
19:58:47.0875 0x03f0  usbbus - ok
19:58:47.0906 0x03f0  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:58:47.0906 0x03f0  usbccgp - ok
19:58:47.0937 0x03f0  [ 4650FFE04E5922399B0E932319E6B215, 916861D565D54BCCC35FCB7E7488450E38182D9834E9383F2D9CEA931571BF13 ] UsbDiag         C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
19:58:47.0937 0x03f0  UsbDiag - ok
19:58:47.0968 0x03f0  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:58:47.0968 0x03f0  usbehci - ok
19:58:47.0984 0x03f0  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:58:48.0000 0x03f0  usbhub - ok
19:58:48.0015 0x03f0  [ 2666FE171E0C2E7085CCD5FE0BAC09E3, 5147E8645F72C933CFD9B6DD82CF3A84821E85E7A3F51BE73D1C3FD6806A17E6 ] USBModem        C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
19:58:48.0015 0x03f0  USBModem - ok
19:58:48.0046 0x03f0  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:58:48.0046 0x03f0  usbprint - ok
19:58:48.0093 0x03f0  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:58:48.0093 0x03f0  usbscan - ok
19:58:48.0140 0x03f0  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:58:48.0140 0x03f0  USBSTOR - ok
19:58:48.0187 0x03f0  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:58:48.0187 0x03f0  usbuhci - ok
19:58:48.0250 0x03f0  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
19:58:48.0250 0x03f0  VgaSave - ok
19:58:48.0250 0x03f0  ViaIde - ok
19:58:48.0250 0x03f0  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
19:58:48.0265 0x03f0  VolSnap - ok
19:58:48.0265 0x03f0  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
19:58:48.0281 0x03f0  VSS - ok
19:58:48.0312 0x03f0  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
19:58:48.0328 0x03f0  W32Time - ok
19:58:48.0328 0x03f0  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:58:48.0328 0x03f0  Wanarp - ok
19:58:48.0328 0x03f0  WDICA - ok
19:58:48.0375 0x03f0  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
19:58:48.0375 0x03f0  wdmaud - ok
19:58:48.0390 0x03f0  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:58:48.0390 0x03f0  WebClient - ok
19:58:48.0453 0x03f0  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:58:48.0453 0x03f0  winmgmt - ok
19:58:48.0515 0x03f0  [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:58:48.0578 0x03f0  WinRM - ok
19:58:48.0625 0x03f0  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
19:58:48.0640 0x03f0  WmdmPmSN - ok
19:58:48.0687 0x03f0  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
19:58:48.0703 0x03f0  Wmi - ok
19:58:48.0718 0x03f0  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:58:48.0734 0x03f0  WmiApSrv - ok
19:58:48.0828 0x03f0  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
19:58:48.0859 0x03f0  WMPNetworkSvc - ok
19:58:48.0968 0x03f0  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:58:48.0984 0x03f0  WPFFontCache_v0400 - ok
19:58:49.0031 0x03f0  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:58:49.0031 0x03f0  WS2IFSL - ok
19:58:49.0062 0x03f0  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
19:58:49.0062 0x03f0  wscsvc - ok
19:58:49.0093 0x03f0  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:58:49.0093 0x03f0  WSTCODEC - ok
19:58:49.0125 0x03f0  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
19:58:49.0156 0x03f0  wuauserv - ok
19:58:49.0171 0x03f0  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:58:49.0187 0x03f0  WudfPf - ok
19:58:49.0187 0x03f0  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:58:49.0187 0x03f0  WudfRd - ok
19:58:49.0203 0x03f0  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
19:58:49.0203 0x03f0  WudfSvc - ok
19:58:49.0250 0x03f0  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
19:58:49.0265 0x03f0  WZCSVC - ok
19:58:49.0328 0x03f0  [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets         C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
19:58:49.0328 0x03f0  x10nets - ok
19:58:49.0359 0x03f0  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
19:58:49.0390 0x03f0  xmlprov - ok
19:58:49.0421 0x03f0  [ 41CF36A3CC7786575247ED456918E112, 743EF375EC532C0506DFBB1193506CD9B65D09580E34A7377E61E55A949077E9 ] XUIF            C:\WINDOWS\system32\Drivers\x10ufx2.sys
19:58:49.0421 0x03f0  XUIF - ok
19:58:49.0484 0x03f0  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:58:49.0515 0x03f0  YahooAUService - ok
19:58:49.0515 0x03f0  ================ Scan global ===============================
19:58:49.0578 0x03f0  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
19:58:49.0625 0x03f0  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:58:49.0640 0x03f0  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:58:49.0656 0x03f0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
19:58:49.0671 0x03f0  [ Global ] - ok
19:58:49.0671 0x03f0  ================ Scan MBR ==================================
19:58:49.0687 0x03f0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:58:49.0843 0x03f0  \Device\Harddisk0\DR0 - ok
19:58:49.0843 0x03f0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
19:58:49.0953 0x03f0  \Device\Harddisk1\DR1 - ok
19:58:49.0953 0x03f0  ================ Scan VBR ==================================
19:58:49.0953 0x03f0  [ A8453E4DB9A54063D58B50B0B69BFAE8 ] \Device\Harddisk0\DR0\Partition1
19:58:49.0984 0x03f0  \Device\Harddisk0\DR0\Partition1 - ok
19:58:49.0984 0x03f0  [ 72A5CA510018D9DDAD6277F617482450 ] \Device\Harddisk1\DR1\Partition1
19:58:49.0984 0x03f0  \Device\Harddisk1\DR1\Partition1 - ok
19:58:50.0031 0x03f0  AV detected via SS1: Microsoft Security Essentials, 4.4.0304.0, disabled, updated
19:58:50.0031 0x03f0  AV detected via SS1: Microsoft Security Essentials, 2.1.6805.0, disabled, updated
19:58:50.0031 0x03f0  Win FW state via NFM: enabled
19:58:50.0031 0x03f0  ============================================================
19:58:50.0031 0x03f0  Scan finished
19:58:50.0031 0x03f0  ============================================================
19:58:50.0031 0x07f0  Detected object count: 0
19:58:50.0031 0x07f0  Actual detected object count: 0
19:59:05.0781 0x02b4  Deinitialize success
 

 

 

__________

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Tue 02/25/2014 at 19:59:27.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\ticno multibar
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\cre"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/25/2014 at 20:03:12.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Edited by sportsfroma2, 25 February 2014 - 08:41 PM.


#4 boopme


Posted 25 February 2014 - 10:01 PM

Ok looking clean,
Both the installed versions show outdated
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
SUPERAntiSpyware (Version: 4.41.1000)


Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users: The command needs to be run from an Elevated Command Prompt. Click Start, type cmd into the Start/Search box, right-click cmd.exe in the list above and select 'Run as Administrator'.


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.

#5 sportsfroma2


Posted 26 February 2014 - 11:39 PM

Hello again boopme! Thanks again for all your help and sorry for the delay, I had to find the Windows XP disk.

I updated MBAM and uninstalled SAS (since I have MSE installed and running also).

Anyway, I have run sfc, it took about 45 minutes or so, prompted me for the disk and everything, but after that completed I have not found any difference in the computer.

It is still running slowly, and doesn't shut down.

When it boots up, I have noticed the Windows firewall seems to turn off (I get an alert in the system tray for a few seconds warning me my computer might be at risk because I have no firewall turned on) - when I go to the control panel it does say the firewall is on so not sure if it's a false alarm while the computer is still booting up or what.

Also I should note, using Firefox seems to bring the computer to a crawl. No error messages or anything like that though. And I can't end Firefox through the task manager either, I have to do a hard restart on the whole computer....

After I rebooted I noticed in task manager that there seemed to be a lot of stuff running, so I took a screencap of task manager to see if any of that helps...

Edit: I couldn't attach the picture in this post so I posted it here: https://i.imgur.com/dUu1Aa9.png

Edit again: Firefox and the rest of the computer works fine in safe mode with networking.


Edited by sportsfroma2, 26 February 2014 - 11:48 PM.


#6 boopme


Posted 27 February 2014 - 11:02 AM

Ok, something is running, maybe a rootkit and we cannot see it. We should get a deeper look. Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
Let me know if all went well.



