
Windows XP PC unable to access internet or copy files

This is a discussion on Windows XP PC unable to access internet or copy files within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category.


Old 05-30-2012, 07:39 AM   #1
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



Hi - I have a Dell slimline PC running Windows XP that is slowly losing all functionality. I cannot load IE, Chrome has a message ERR 138 (Access Denied). I am unable to copy files from a USB stick and cannot remove certain programs (er McAfee) using the Add / Remove program utility.

I have run the Microsoft mrt.exe which found 4 errors but has made no real difference. Not sure what to do as all advice seems to suggest downloading utilities which is not possible.

Any ideas to help ?

Nick
NDWales is offline  
Old 05-30-2012, 07:43 AM   #2
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Hi there,
my name is Marius and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.
  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.



Please tell us which infections were detected by MRT!

Also, have a look at the following:

Preparing for the malware removal process

While a description of the trouble you're having is of help, we need more information. A comprehensive set of logs is required to determine the presence of malware.

Please follow our pre-posting process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

To get those programs, use another computer to download them.

After running through all the steps, you shall have a proper set of logs.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.
TB-PsYcHoTiC is offline  
Old 05-30-2012, 08:16 AM   #3
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



Hi Marius, thank you for your offer of help. I will certainly follow the guidelines you have outlined.

The MRT utility did not list any infections. It said 4 files were infected and that these had been partially cleaned but I needed to run a proper anti-virus program to complete the task.

Regarding the logs you request, I can download them on another PC but I have no way to copy to infected PC. I cannot copy and paste and cannot drag and drop.

Nick
NDWales is offline  
Old 05-30-2012, 02:12 PM   #4
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Did you try to start your computer in safe mode and copy the files there?
TB-PsYcHoTiC is offline  
Old 06-03-2012, 12:07 PM   #5
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



Hi, I have managed to download and copy both files using safe mode. I have copied the dds log below but the gmer scan kept failing in both normal and safe mode. All data is on the C: drive and it took 4 hours for the gmer scan; before it finished it came up with a message saying an error had occurred and the file could not be saved. Any advice on how to overcome this?

.
DDS (Ver_2011-08-26.01) - NTFSx86 MINIMAL
Internet Explorer: 8.0.6001.18702
Run by Nick at 20:39:56 on 2012-05-31
.
============== Running Processes ===============
.
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Nick\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\hyperionics db toolbar\tbhelper.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PCCBHO.CPCCBHO: {22fc6ce8-7d47-479f-b74a-bfbb04adb9af} - c:\program files\winferno\pc confidential\PCCBHO.dll
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\6.0.0.145\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\6.0.0.145\ips\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111226100839.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: IncrediMail MediaBar 4 Toolbar: {90eee664-34b1-422a-a782-779af65cdf6d} - c:\program files\incredimail_mediabar_4\prxtbInc2.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\wi371a~1\datamngr\BROWSE~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
BHO: Search-Results Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No File
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\hyperionics db toolbar\tbcore3.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: @c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
TB: Hyperionics DB Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\hyperionics db toolbar\tbcore3.dll
TB: IncrediMail MediaBar 4 Toolbar: {90eee664-34b1-422a-a782-779af65cdf6d} - c:\program files\incredimail_mediabar_4\prxtbInc2.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
TB: Search-Results Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\BabylonToolbarTlbr.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\6.0.0.145\coIEPlg.dll
TB: {84938242-5C5B-4A55-B6B9-A1507543B418} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
uRun: [ANT Agent] c:\program files\garmin\ant agent\ANT Agent.exe
uRun: [OpenDNS Updater] "c:\program files\opendns updater\OpenDNSUpdater.exe" /autostart
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [Corel Photo Downloader] c:\program files\corel\corel snapfire plus\Corel Photo Downloader.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [AVFX Engine] c:\program files\creative\creative live! cam\videofx\StartFX.exe
mRun: [Auto Run Software for Photo Frame] "c:\program files\philips\auto run software for photo frame\PhotoManager.exe" /autorun
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [4oD] "c:\program files\kontiki\KHost.exe" -all
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [PC-Checkup] "c:\pc-checkup\PCCheckUp.exe" -mini
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1449.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DATAMNGR] c:\progra~1\wi371a~1\datamngr\DATAMN~1.EXE
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {925DAB62-F9AC-4221-806A-057BFB1014AA} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - {7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} - c:\program files\clickpotatolite\bin\11.0.16.0\ClickPotatoLiteSABHO.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://magnet.2020.net/virtualplanner/Core/Player/2020PlayerAX_Win32.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} - hxxp://remoteaccess.beaconhomeloans.co.uk/msrdp.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/su2/CTL_V02002/ocx/15031/CTPID.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4D2CA5CD-909D-4B65-9BB5-BF37445189A3} : DhcpNameServer = 192.168.1.254
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
AppInit_DLLs: c:\progra~1\wi371a~1\datamngr\datamngr.dll c:\progra~1\wi371a~1\datamngr\iebho.dll c:\progra~1\google\google~1\GOEC62~1.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\nick\application data\mozilla\firefox\profiles\w4trgjny.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\mozilla firefox\distribution\bundles\{d19ca586-dd6c-4a0a-96f8-14644f340d60}\components\scriptff.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - component: c:\program files\windows ilivid toolbar\datamngr\firefoxextension\components\DataMngrHlpFF3.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\clickpotatolite\bin\11.0.16.0\firefox\extensions\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor
FF - Ext: ClickPotatoLite Component: [email protected] - c:\program files\clickpotatolite\bin\11.0.16.0\firefox\extensions
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R? 0115431328141478mcinstcleanup;McAfee Application Installer Cleanup (0115431328141478)
R? BHDrvx86;BHDrvx86
R? ccEvtMgr;Symantec Event Manager
R? ccPwdSvc;Symantec Password Validation
R? ccSet_N360;Norton 360 Settings Manager
R? ccSetMgr;Symantec Settings Manager
R? cfwids;McAfee Inc. cfwids
R? CwAltaService20;ContentWatch
R? fssfltr;fssfltr
R? fsssvc;Windows Live Family Safety Service
R? Gonzales;Gonzales
R? GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? Hamachi2Svc;LogMeIn Hamachi Tunneling Engine
R? IDSxpx86;IDSxpx86
R? McAfee SiteAdvisor Service;McAfee SiteAdvisor Service
R? McMPFSvc;McAfee Personal Firewall Service
R? McNaiAnn;McAfee VirusScan Announcer
R? McProxy;McAfee Proxy Service
R? McrdSvc;Media Center Extender Service
R? McShield;McAfee McShield
R? mfeavfk;McAfee Inc. mfeavfk
R? mfebopk;McAfee Inc. mfebopk
R? mfefire;McAfee Firewall Core Service
R? mfefirek;McAfee Inc. mfefirek
R? mfehidk;McAfee Inc. mfehidk
R? mfendisk;McAfee Core NDIS Intermediate Filter
R? mfendiskmp;mfendiskmp
R? mferkdet;McAfee Inc. mferkdet
R? mfetdi2k;McAfee Inc. mfetdi2k
R? mfevtp;McAfee Validation Trust Protection Service
R? N360;Norton 360
R? NAVENG;NAVENG
R? NAVEX15;NAVEX15
R? PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service
R? SASDIFSV;SASDIFSV
R? SASENUM;SASENUM
R? SASKUTIL;SASKUTIL
R? Symantec Core LC;Symantec Core LC
R? SymIRON;Symantec Iron Driver
R? V0230Vfx;V0230Vfx
R? V0230VID;Live! Cam Video IM Pro
R? Viewpoint Manager Service;Viewpoint Manager Service
S? Bonifay;Bonifay
S? SymDS;Symantec Data Store
S? SymEFA;Symantec Extended File Attributes
.
=============== Created Last 30 ================
.
2012-05-30 08:19:34 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-05-30 08:19:33 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-05-30 08:19:19 905336 ----a-r- c:\windows\system32\drivers\n360\0600000.091\SymEFA.sys
2012-05-30 08:19:19 574584 ----a-r- c:\windows\system32\drivers\n360\0600000.091\srtsp.sys
2012-05-30 08:19:19 388216 ----a-r- c:\windows\system32\drivers\n360\0600000.091\symtdi.sys
2012-05-30 08:19:19 345208 ----a-r- c:\windows\system32\drivers\n360\0600000.091\symtdiv.sys
2012-05-30 08:19:19 340088 ----a-r- c:\windows\system32\drivers\n360\0600000.091\SymDS.sys
2012-05-30 08:19:19 32888 ----a-r- c:\windows\system32\drivers\n360\0600000.091\srtspx.sys
2012-05-30 08:19:19 318584 ----a-r- c:\windows\system32\drivers\n360\0600000.091\symnets.sys
2012-05-30 08:19:19 149624 ----a-r- c:\windows\system32\drivers\n360\0600000.091\Ironx86.sys
2012-05-30 08:19:18 132744 ----a-r- c:\windows\system32\drivers\n360\0600000.091\ccSetx86.sys
2012-05-30 08:18:52 4782 ----a-r- c:\windows\system32\drivers\n360\0600000.091\SymVTcer.dat
2012-05-30 08:18:51 -------- d-----w- c:\windows\system32\drivers\n360\0600000.091
2012-05-30 08:18:51 -------- d-----w- c:\windows\system32\drivers\N360
2012-05-30 08:18:49 -------- d-----w- c:\program files\Norton 360
2012-05-30 08:14:04 -------- d-----w- c:\program files\NortonInstaller
.
==================== Find3M ====================
.
.
============= FINISH: 20:40:50.09 ===============
NDWales is offline  
Old 06-03-2012, 03:33 PM   #6
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Instead of gmer, run the following tools:




Scan with aswMBR


Please download aswMBR.exe to your desktop.

  • Double-click the aswMBR.exe to run it
  • When prompted with The application can use the Avast! Free Antivirus for scanning >> select No
  • Now click on the Scan button to start scan
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply

Note: There will also be a file on your desktop named MBR.dat (or similar). Do not delete this for now; it is an actual backup of the MBR (master boot record).


Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Click Change parameters, check Detect TDLFS file system, click OK.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.
TB-PsYcHoTiC is offline  
Old 06-06-2012, 12:11 AM   #7
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Are you still with me?
TB-PsYcHoTiC is offline  
Old 06-06-2012, 12:58 AM   #8
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



Yes, sorry was away for the day yesterday (UK holiday). Will try these new utilities tonight.
NDWales is offline  
Old 06-07-2012, 12:25 AM   #9
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



Just about to run these utilities, can they be run in safe mode or do they need full blown Windows startup ?
NDWales is offline  
Old 06-07-2012, 03:30 AM   #10
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Start them in safe mode!
TB-PsYcHoTiC is offline  
Old 06-07-2012, 08:52 AM   #11
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



aswMBR
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-07 16:15:40
-----------------------------
16:15:40.593 OS Version: Windows 5.1.2600 Service Pack 2
16:15:40.593 Number of processors: 2 586 0xF06
16:15:40.593 ComputerName: DCXZFN2J UserName: Nick
16:15:41.718 Initialize success
16:16:00.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:16:00.437 Disk 0 Vendor: ST350041 CC3E Size: 476940MB BusType: 3
16:16:00.453 Disk 0 MBR read successfully
16:16:00.468 Disk 0 MBR scan
16:16:00.484 Disk 0 unknown MBR code
16:16:00.484 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63
16:16:00.500 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 352912 MB offset 128520
16:16:00.515 Disk 0 Partition - 00 0F Extended LBA 119208 MB offset 722892870
16:16:00.546 Disk 0 Partition 3 00 0C FAT32 LBA MSDOS5.0 4753 MB offset 967032675
16:16:00.578 Disk 0 Partition - 00 05 Extended 119208 MB offset 722892932
16:16:00.578 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 119208 MB offset 722892933
16:16:00.593 Disk 0 scanning sectors +976768065
16:16:00.671 Disk 0 scanning C:\WINDOWS\system32\drivers
16:16:07.796 Service scanning
16:16:11.781 Service BVRPMPR5 E:\INSTAL~E\Core\BVRPMPR5.SYS **LOCKED** 21
16:16:24.078 Modules scanning
16:16:25.468 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS**
16:16:26.015 Disk 0 trace - called modules:
16:16:26.156 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
16:16:26.312 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b49a4e0]
16:16:26.453 3 CLASSPNP.SYS[f763805b] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8b482030]
16:16:26.609 Scan finished successfully
16:19:19.140 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Nick\Desktop\MBR.dat"
16:19:19.171 The log file has been saved successfully to "C:\Documents and Settings\Nick\Desktop\aswMBR.txt"
NDWales is offline  
Old 06-07-2012, 08:56 AM   #12
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



TDSSkiller
16:19:51.0765 1696 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
16:19:51.0828 1696 ============================================================
16:19:51.0828 1696 Current date / time: 2012/06/07 16:19:51.0828
16:19:51.0828 1696 SystemInfo:
16:19:51.0828 1696
16:19:51.0828 1696 OS Version: 5.1.2600 ServicePack: 2.0
16:19:51.0828 1696 Product type: Workstation
16:19:51.0828 1696 ComputerName: DCXZFN2J
16:19:51.0828 1696 UserName: Nick
16:19:51.0828 1696 Windows directory: C:\WINDOWS
16:19:51.0828 1696 System windows directory: C:\WINDOWS
16:19:51.0828 1696 Processor architecture: Intel x86
16:19:51.0828 1696 Number of processors: 2
16:19:51.0828 1696 Page size: 0x1000
16:19:51.0828 1696 Boot type: Safe boot
16:19:51.0828 1696 ============================================================
16:19:52.0234 1696 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:19:52.0234 1696 Drive \Device\Harddisk1\DR5 - Size: 0x3BA300000 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:19:52.0234 1696 ============================================================
16:19:52.0234 1696 \Device\Harddisk0\DR0:
16:19:52.0250 1696 MBR partitions:
16:19:52.0250 1696 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F608, BlocksNum 0x2B14823E
16:19:52.0265 1696 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x39A3BF63, BlocksNum 0x948CDE
16:19:52.0265 1696 \Device\Harddisk1\DR5:
16:19:52.0265 1696 MBR partitions:
16:19:52.0265 1696 \Device\Harddisk1\DR5\Partition0: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DD17E0
16:19:52.0265 1696 ============================================================
16:19:52.0296 1696 C: <-> \Device\Harddisk0\DR0\Partition0
16:19:52.0328 1696 F: <-> \Device\Harddisk0\DR0\Partition1
16:19:52.0359 1696 ============================================================
16:19:52.0359 1696 Initialize success
16:19:52.0359 1696 ============================================================
16:20:41.0437 1716 ============================================================
16:20:41.0437 1716 Scan started
16:20:41.0437 1716 Mode: Manual; TDLFS;
16:20:41.0437 1716 ============================================================
16:20:52.0390 1716 perc2 - ok
16:20:52.0421 1716 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:20:52.0421 1716 perc2hib - ok
16:20:52.0484 1716 PlugPlay (4712531ab7a01b7ee059853ca17d39bd) C:\WINDOWS\system32\services.exe
16:20:52.0484 1716 PlugPlay - ok
16:20:52.0484 1716 PolicyAgent (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
16:20:52.0484 1716 PolicyAgent - ok
16:20:52.0515 1716 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:20:52.0515 1716 PptpMiniport - ok
16:20:52.0515 1716 ProtectedStorage (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
16:20:52.0531 1716 ProtectedStorage - ok
16:20:52.0531 1716 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
16:20:52.0546 1716 PSched - ok
16:20:52.0546 1716 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:20:52.0546 1716 Ptilink - ok
16:20:52.0578 1716 PxHelp20 (7c81ae3c9b82ba2da437ed4d31bc56cf) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:20:52.0578 1716 PxHelp20 - ok
16:20:52.0593 1716 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:20:52.0593 1716 ql1080 - ok
16:20:52.0609 1716 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:20:52.0609 1716 Ql10wnt - ok
16:20:52.0625 1716 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:20:52.0625 1716 ql12160 - ok
16:20:52.0640 1716 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:20:52.0640 1716 ql1240 - ok
16:20:52.0671 1716 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:20:52.0671 1716 ql1280 - ok
16:20:52.0687 1716 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:20:52.0687 1716 RasAcd - ok
16:20:52.0718 1716 RasAuto (44db7a9bdd2fb58747d123fbf1d35adb) C:\WINDOWS\System32\rasauto.dll
16:20:52.0718 1716 RasAuto - ok
16:20:52.0734 1716 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:20:52.0734 1716 Rasl2tp - ok
16:20:52.0765 1716 RasMan (49b5eed5fb89d39456a2f616ccd8ba5d) C:\WINDOWS\System32\rasmans.dll
16:20:52.0781 1716 RasMan - ok
16:20:52.0781 1716 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:20:52.0781 1716 RasPppoe - ok
16:20:52.0796 1716 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:20:52.0796 1716 Raspti - ok
16:20:52.0843 1716 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:20:52.0843 1716 Rdbss - ok
16:20:52.0843 1716 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:20:52.0843 1716 RDPCDD - ok
16:20:52.0875 1716 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:20:52.0890 1716 rdpdr - ok
16:20:52.0968 1716 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
16:20:52.0968 1716 RDPWD - ok
16:20:53.0000 1716 RDSessMgr (729798e0933076b8fcfcd9934698f164) C:\WINDOWS\system32\sessmgr.exe
16:20:53.0000 1716 RDSessMgr - ok
16:20:53.0015 1716 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:20:53.0015 1716 redbook - ok
16:20:53.0046 1716 RemoteAccess (3046db917e3cfa040632799dd9b14865) C:\WINDOWS\System32\mprdim.dll
16:20:53.0046 1716 RemoteAccess - ok
16:20:53.0062 1716 RemoteRegistry (3151427db7d87107d1c5be58fac53960) C:\WINDOWS\system32\regsvc.dll
16:20:53.0062 1716 RemoteRegistry - ok
16:20:53.0093 1716 RpcLocator (793f04a09b15e7c6c11dbdffaf06c0ab) C:\WINDOWS\system32\locator.exe
16:20:53.0093 1716 RpcLocator - ok
16:20:53.0125 1716 RpcSs (24b5d53b9accc1e2edcf0a878d6659d4) C:\WINDOWS\system32\rpcss.dll
16:20:53.0125 1716 RpcSs - ok
16:20:53.0140 1716 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
16:20:53.0156 1716 RSVP - ok
16:20:53.0171 1716 SamSs (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
16:20:53.0171 1716 SamSs - ok
16:20:53.0250 1716 SASDIFSV (bfbc4be8d6ac6d33ad93f3f5f2e11499) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
16:20:53.0250 1716 SASDIFSV - ok
16:20:53.0281 1716 SASENUM (e9c2d75c748c3f0a4c34d6cf2ae1d754) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
16:20:53.0281 1716 SASENUM - ok
16:20:53.0296 1716 SASKUTIL (64c100dbf57c6cb6e7d5d24153f5e444) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
16:20:53.0296 1716 SASKUTIL - ok
16:20:53.0328 1716 SCardSvr (25d8de134df108e3dbc8d7d23b1aa58e) C:\WINDOWS\System32\SCardSvr.exe
16:20:53.0328 1716 SCardSvr - ok
16:20:53.0359 1716 Schedule (92360854316611f6cc471612213c3d92) C:\WINDOWS\system32\schedsvc.dll
16:20:53.0359 1716 Schedule - ok
16:20:53.0390 1716 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
16:20:53.0390 1716 SeaPort - ok
16:20:53.0468 1716 Secdrv (c71394d99a04ca76484492f590c9cba5) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:20:53.0468 1716 Secdrv - ok
16:20:53.0484 1716 seclogon (b1e0ce09895376871746f36dc5773b4f) C:\WINDOWS\System32\seclogon.dll
16:20:53.0484 1716 seclogon - ok
16:20:53.0500 1716 SENS (dfd9870cf39c791d86c4c209da9fa919) C:\WINDOWS\system32\sens.dll
16:20:53.0500 1716 SENS - ok
16:20:53.0531 1716 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:20:53.0531 1716 serenum - ok
16:20:53.0546 1716 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
16:20:53.0546 1716 Serial - ok
16:20:53.0593 1716 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:20:53.0593 1716 Sfloppy - ok
16:20:53.0625 1716 SharedAccess (4ac3902bf0d21a3f49a12fbd1604690a) C:\WINDOWS\System32\ipnathlp.dll
16:20:53.0640 1716 SharedAccess - ok
16:20:53.0656 1716 ShellHWDetection (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
16:20:53.0656 1716 ShellHWDetection - ok
16:20:53.0671 1716 Simbad - ok
16:20:53.0703 1716 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:20:53.0703 1716 sisagp - ok
16:20:53.0734 1716 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:20:53.0734 1716 SLIP - ok
16:20:53.0765 1716 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:20:53.0765 1716 Sparrow - ok
16:20:53.0781 1716 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
16:20:53.0781 1716 splitter - ok
16:20:53.0812 1716 Spooler (da81ec57acd4cdc3d4c51cf3d409af9f) C:\WINDOWS\system32\spoolsv.exe
16:20:53.0812 1716 Spooler - ok
16:20:53.0828 1716 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
16:20:53.0828 1716 sr - ok
16:20:53.0859 1716 srservice (92bdf74f12d6cbec43c94d4b7f804838) C:\WINDOWS\system32\srsvc.dll
16:20:53.0859 1716 srservice - ok
16:20:53.0953 1716 SRTSP (c16d048faf2978d2121f9f40594a6bdc) C:\WINDOWS\system32\drivers\N360\0600000.091\SRTSP.SYS
16:20:53.0968 1716 SRTSP - ok
16:20:53.0984 1716 SRTSPX (f0d02c2e25970c9c72a5cd278c17cdb6) C:\WINDOWS\system32\drivers\N360\0600000.091\SRTSPX.SYS
16:20:53.0984 1716 SRTSPX - ok
16:20:54.0031 1716 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
16:20:54.0031 1716 Srv - ok
16:20:54.0062 1716 SSDPSRV (4b8d61792f7175bed48859cc18ce4e38) C:\WINDOWS\System32\ssdpsrv.dll
16:20:54.0062 1716 SSDPSRV - ok
16:20:54.0109 1716 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys
16:20:54.0125 1716 STHDA - ok
16:20:54.0156 1716 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
16:20:54.0156 1716 StillCam - ok
16:20:54.0187 1716 stisvc (b6763f8534ac547cf1af98afdff2edc8) C:\WINDOWS\system32\wiaservc.dll
16:20:54.0203 1716 stisvc - ok
16:20:54.0234 1716 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:20:54.0234 1716 streamip - ok
16:20:54.0250 1716 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:20:54.0250 1716 swenum - ok
16:20:54.0281 1716 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
16:20:54.0281 1716 swmidi - ok
16:20:54.0296 1716 SwPrv - ok
16:20:54.0359 1716 Symantec Core LC (b6bf7dd619d045d0f999310882551b7d) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
16:20:54.0375 1716 Symantec Core LC - ok
16:20:54.0390 1716 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
16:20:54.0390 1716 symc810 - ok
16:20:54.0406 1716 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:20:54.0406 1716 symc8xx - ok
16:20:54.0484 1716 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\N360\0600000.091\SYMDS.SYS
16:20:54.0500 1716 SymDS - ok
16:20:54.0578 1716 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\N360\0600000.091\SYMEFA.SYS
16:20:54.0578 1716 SymEFA - ok
16:20:54.0625 1716 SymEvent (74e2521e96176a4449570e50be91954d) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
16:20:54.0625 1716 SymEvent - ok
16:20:54.0671 1716 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\N360\0600000.091\Ironx86.SYS
16:20:54.0671 1716 SymIRON - ok
16:20:54.0718 1716 symlcbrd (5220576ee29bea7c18dff9ecabf18bbc) C:\WINDOWS\system32\drivers\symlcbrd.sys
16:20:54.0718 1716 symlcbrd - ok
16:20:54.0750 1716 SymSnap (3ce7bf283c3e43d6be0191423482069d) C:\WINDOWS\system32\drivers\SymSnap.sys
16:20:54.0750 1716 SymSnap - ok
16:20:54.0796 1716 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\system32\drivers\N360\0600000.091\SYMTDI.SYS
16:20:54.0796 1716 SYMTDI - ok
16:20:54.0828 1716 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:20:54.0828 1716 sym_hi - ok
16:20:54.0843 1716 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:20:54.0843 1716 sym_u3 - ok
16:20:54.0875 1716 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
16:20:54.0875 1716 sysaudio - ok
16:20:54.0906 1716 SysmonLog (8b54aa346d1b1b113ffaa75501b8b1b2) C:\WINDOWS\system32\smlogsvc.exe
16:20:54.0906 1716 SysmonLog - ok
16:20:54.0937 1716 TapiSrv (fb78839b36025aa286a51289ed28b73e) C:\WINDOWS\System32\tapisrv.dll
16:20:54.0953 1716 TapiSrv - ok
16:20:54.0968 1716 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:20:54.0984 1716 Tcpip - ok
16:20:55.0000 1716 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:20:55.0000 1716 TDPIPE - ok
16:20:55.0015 1716 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
16:20:55.0015 1716 TDTCP - ok
16:20:55.0031 1716 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:20:55.0031 1716 TermDD - ok
16:20:55.0078 1716 TermService (c29a5286e64d97385178452d5f307b98) C:\WINDOWS\System32\termsrv.dll
16:20:55.0078 1716 TermService - ok
16:20:55.0125 1716 Themes (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
16:20:55.0125 1716 Themes - ok
16:20:55.0140 1716 TlntSvr (37db0a7d097310e8b4de803fc3119c78) C:\WINDOWS\system32\tlntsvr.exe
16:20:55.0140 1716 TlntSvr - ok
16:20:55.0156 1716 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
16:20:55.0156 1716 TosIde - ok
16:20:55.0187 1716 TrkWks (6d9ac544b30f96c57f8206566c1fb6a1) C:\WINDOWS\system32\trkwks.dll
16:20:55.0187 1716 TrkWks - ok
16:20:55.0218 1716 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
16:20:55.0218 1716 Udfs - ok
16:20:55.0250 1716 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
16:20:55.0250 1716 ultra - ok
16:20:55.0265 1716 UMWdf (9651e5d850b6f6bd7c77c70aa06f02bf) C:\WINDOWS\system32\wdfmgr.exe
16:20:55.0265 1716 UMWdf - ok
16:20:55.0296 1716 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
16:20:55.0296 1716 Update - ok
16:20:55.0343 1716 upnphost (aca5d98663d879c6baafcea7e2f1b710) C:\WINDOWS\System32\upnphost.dll
16:20:55.0343 1716 upnphost - ok
16:20:55.0359 1716 UPS (3f5df65b0758675f95a2d43918a740a3) C:\WINDOWS\System32\ups.exe
16:20:55.0359 1716 UPS - ok
16:20:55.0406 1716 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
16:20:55.0406 1716 USBAAPL - ok
16:20:55.0453 1716 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
16:20:55.0453 1716 usbaudio - ok
16:20:55.0468 1716 usbbus (5353218b3265e3b8190335059f697a11) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
16:20:55.0468 1716 usbbus - ok
16:20:55.0484 1716 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:20:55.0484 1716 usbccgp - ok
16:20:55.0500 1716 UsbDiag (7dd3eefc62a1ef44e5f940fa651ed9ed) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
16:20:55.0500 1716 UsbDiag - ok
16:20:55.0531 1716 usbehci (708579b01fed227aadb393cb0c3b4a2c) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:20:55.0531 1716 usbehci - ok
16:20:55.0546 1716 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:20:55.0546 1716 usbhub - ok
16:20:55.0578 1716 USBModem (083031a78822eccbd7510bccd3e20d4c) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
16:20:55.0578 1716 USBModem - ok
16:20:55.0593 1716 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:20:55.0609 1716 usbprint - ok
16:20:55.0640 1716 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:20:55.0640 1716 usbscan - ok
16:20:55.0671 1716 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:20:55.0671 1716 USBSTOR - ok
16:20:55.0687 1716 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:20:55.0687 1716 usbuhci - ok
16:20:55.0718 1716 V0230Vfx (a0c643d5f8c60f12faa6e3454dfe9c32) C:\WINDOWS\system32\DRIVERS\V0230Vfx.sys
16:20:55.0734 1716 V0230Vfx - ok
16:20:55.0765 1716 V0230VID (4dda6f6d396cb34171aa36ad025fdc76) C:\WINDOWS\system32\DRIVERS\V0230VID.sys
16:20:55.0781 1716 V0230VID - ok
16:20:55.0812 1716 V2IMount (618796b1d9a98da9cf71b2894ae18ef2) C:\WINDOWS\system32\drivers\V2IMount.sys
16:20:55.0812 1716 V2IMount - ok
16:20:55.0828 1716 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
16:20:55.0828 1716 VgaSave - ok
16:20:55.0843 1716 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:20:55.0843 1716 viaagp - ok
16:20:55.0859 1716 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
16:20:55.0859 1716 ViaIde - ok
16:20:55.0937 1716 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
16:20:55.0937 1716 Viewpoint Manager Service - ok
16:20:55.0953 1716 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
16:20:55.0953 1716 VolSnap - ok
16:20:55.0984 1716 VSS (3ee00364ae0fd8d604f46cbaf512838a) C:\WINDOWS\System32\vssvc.exe
16:20:55.0984 1716 VSS - ok
16:20:56.0015 1716 w32time (2b281958f5d0cf99ed626e3ef39d5c8d) C:\WINDOWS\system32\w32time.dll
16:20:56.0015 1716 w32time - ok
16:20:56.0031 1716 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:20:56.0031 1716 Wanarp - ok
16:20:56.0062 1716 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
16:20:56.0062 1716 wanatw - ok
16:20:56.0078 1716 WDICA - ok
16:20:56.0109 1716 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
16:20:56.0109 1716 wdmaud - ok
16:20:56.0156 1716 WebClient (265f534ef76832435afbf771ec97176d) C:\WINDOWS\System32\webclnt.dll
16:20:56.0156 1716 WebClient - ok
16:20:56.0187 1716 winachsf (59d043485a6eda2ed2685c81489ae5bd) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:20:56.0203 1716 winachsf - ok
16:20:56.0250 1716 winmgmt (f399242a80c4066fd155efa4cf96658e) C:\WINDOWS\system32\wbem\WMIsvc.dll
16:20:56.0250 1716 winmgmt - ok
16:20:56.0359 1716 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:20:56.0390 1716 wlidsvc - ok
16:20:56.0468 1716 WmdmPmSN (b9715b9c18bc6c8f4b66733d208cc9f7) C:\WINDOWS\system32\MsPMSNSv.dll
16:20:56.0468 1716 WmdmPmSN - ok
16:20:56.0500 1716 Wmi (e8e57b0f9eb03d1aabec28d550c75116) C:\WINDOWS\System32\advapi32.dll
16:20:56.0500 1716 Wmi - ok
16:20:56.0546 1716 WmiApSrv (ba8cecc3e813e1f7c441b20393d4f86c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:20:56.0562 1716 WmiApSrv - ok
16:20:56.0625 1716 WpdUsb (bbaeaca1ffa3c86361cf0998474f6c3a) C:\WINDOWS\system32\Drivers\wpdusb.sys
16:20:56.0625 1716 WpdUsb - ok
16:20:56.0656 1716 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:20:56.0656 1716 WS2IFSL - ok
16:20:56.0687 1716 wscsvc (4d59daa66c60858cdf4f67a900f42d4a) C:\WINDOWS\system32\wscsvc.dll
16:20:56.0687 1716 wscsvc - ok
16:20:56.0718 1716 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:20:56.0718 1716 WSTCODEC - ok
16:20:56.0734 1716 wuauserv (13d72740963cba12d9ff76a7f218bcd8) C:\WINDOWS\system32\wuauserv.dll
16:20:56.0765 1716 wuauserv - ok
16:20:56.0796 1716 WZCSVC (247520eded53a08ae89ea4fae04f54d8) C:\WINDOWS\System32\wzcsvc.dll
16:20:56.0812 1716 WZCSVC - ok
16:20:56.0828 1716 xmlprov (eef46dab68229a14da3d8e73c99e2959) C:\WINDOWS\System32\xmlprov.dll
16:20:56.0859 1716 xmlprov - ok
16:20:56.0906 1716 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
16:20:57.0281 1716 \Device\Harddisk0\DR0 - ok
16:20:57.0296 1716 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR5
16:20:57.0390 1716 \Device\Harddisk1\DR5 - ok
16:20:57.0390 1716 Boot (0x1200) (f45778939809192282715bbccb576bfd) \Device\Harddisk0\DR0\Partition0
16:20:57.0406 1716 \Device\Harddisk0\DR0\Partition0 - ok
16:20:57.0437 1716 Boot (0x1200) (73769ceebb457a1fc047b3c14f5fce25) \Device\Harddisk0\DR0\Partition1
16:20:57.0437 1716 \Device\Harddisk0\DR0\Partition1 - ok
16:20:57.0437 1716 Boot (0x1200) (2b2c4ef4750343f3031916890d3f51be) \Device\Harddisk1\DR5\Partition0
16:20:57.0437 1716 \Device\Harddisk1\DR5\Partition0 - ok
16:20:57.0453 1716 ============================================================
16:20:57.0453 1716 Scan finished
16:20:57.0453 1716 ============================================================
16:20:57.0468 1708 Detected object count: 0
16:20:57.0468 1708 Actual detected object count: 0
NDWales is offline  
Old 06-08-2012, 04:57 AM   #13
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



I am currently reviewing your log. I will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

Regards,

Marius
TB-PsYcHoTiC is offline  
Old 06-08-2012, 05:15 AM   #14
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Please post the content of attach.txt also!
TB-PsYcHoTiC is offline  
Old 06-09-2012, 05:54 AM   #15
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



I also needed to see the Attach.txt that dds.scr produces. Kindly run dds.scr again and post only the Attach.txt.
TB-PsYcHoTiC is offline  
Old 06-09-2012, 07:13 AM   #16
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



Hi, this is the attach.txt file from the original dds scan. I forgot to include it originally.

.
==== Installed Programs ======================
.
4oD
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.0
Adobe Shockwave Player 11.5
Advanced PC Tweaker v4.2
Advanced Video FX Engine
Age of Mythology
Age of Mythology - The Titans Expansion
ALOT Toolbar
Ancient Jewels v1.0
AOL You've Got Pictures Screensaver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 4
ArcSoft Software Suite
ARTEuro
Audacity 1.2.6
Babylon toolbar on IE
BAMZOOKi v3.1 (build 115.158)
BIAS SoundSoap 2.0
Bing Bar
Bing Bar Platform
Blender
Bonjour
ClickPotato
Compatibility Pack for the 2007 Office system
Conexant HDA D110 MDC V.92 Modem
Corel Paint Shop Pro Photo XI
Corel Snapfire Plus
Coupon Printer for Windows
Creative Live! Cam Center
Creative Live! Cam Manager
Creative Live! Cam Video IM Pro Driver (1.01.03.0928)
Creative Live! Cam Video IM Pro User's Guide (English)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
Dell CinePlayer
Dell Driver Reset Tool
Dell Network Assistant
Dell Support 3.2.1
Dell System Restore
Digital Line Detect
Dino Island
Disney Pirates of the Caribbean Online
Dogz 5
EA Download Manager
Electronic Arts Product Registration
ESPNMotion
Fraps (remove only)
Freecom Backup Software 1.15
Freecom Personal Media Suite 2.24
Full Marks Key Stage 2 Junior Topics
Full Marks Key Stage 2 Mental Maths
Full Marks Key Stage 2 Science
Full Marks Key Stage 2 Spelling
Garmin ANT Agent
Garmin Communicator Plugin
Garmin USB Drivers
GemMaster Mystic
Google Chrome
Google Desktop
Google Earth
Google SketchUp 7.1
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Harry Potter - Quidditch World Cup
Harry Potter and the Prisoner of Azkaban(TM)
Harry Potter II
Harry Potter TM
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB908673)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB921411)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Deskjet 3050 J610 series Basic Device Software
HP Deskjet 3050 J610 series Help
HP Deskjet 3050 J610 series Product Improvement Study
HP Photo Creations
HP Update
HyperCam 2
Hyperionics DB Toolbar
IBM Learning Summit 1.0
iLivid
IncrediMail
IncrediMail 2.0
IncrediMail MediaBar 4 Toolbar
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections
iTunes
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 14
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Junk Mail filter update
Key Stage 2 English Skills
KS2 Maths Skills
LanguageNow
Learn2 Player (Uninstall Only)
LG PhoneManager
LG SyncManager
LG USB Modem driver
LimeWire 4.12.6
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Logitech QuickCam
LogMeIn Hamachi
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
McAfee Total Protection
McAfee Uninstaller
MCU
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Age of Empires Gold
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Live Add-in 1.3
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft Zoo Tycoon
MINI ZIB
Modem Helper
Mozilla Firefox (3.6.23)
MSN
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
MSXML4 Parser
Mumble 1.2.3
muvee autoProducer 4.1
My DSC
MyFreeWeather 2.00
Myopoly5
Myopoly5 (C:\Program Files\Myopoly5\)
Net Nanny Home Suite 5.5
NetWaiting
Norton 360
Norton Ghost 10.0
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA nView Desktop Manager
OneCare Advisor (Windows Live Toolbar)
OpenDNS Updater 2.2.1
OpenOffice.org Installer 1.0
Orange Preload
Otto
PC-Checkup
PC Confidential 2008
Philips Photo Manager 1.0
PHOTOfunSTUDIO -viewer-
Popup Blocker (Windows Live Toolbar)
Praetorians
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Registry Mechanic 9.0
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Scooby-Doo(TM), Case File #1 The Glowing Bug Man
Scooby-Doo(TM), Phantom of the Knight(TM)
Scooby-Doo(TM), Showdown in Ghost Town(TM)
Search-Results Toolbar
SearchAssist
SecondLife (remove only)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Segoe UI
SightSpeed (remove only)
Skype Click to Call
Skype™ 5.5
Smart Menus (Windows Live Toolbar)
Sonic Activation Module
Sonic Encoders
Sonic Update Manager
SpeedItUp Extreme V3.70U
SpeedItUp Ultimate V6.00
Spyware Begone V9.15
SUPERAntiSpyware Free Edition
Tabbed Browsing (Windows Live Toolbar)
The Official DSA Theory Test for Car Drivers
The Sims 2
The Sims™ 3
Tiscali Internet
Transformers(TM) - The Game
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
URL Assistant
VideoSpirit Pro 1.75
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Wacky Races
WebFldrs XP
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows iLivid Toolbar
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
Windows Media Format Runtime
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885295
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890927
Windows XP Hotfix - KB891781
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
Winferno Registry Power Cleaner
WinRAR 4.01 (32-bit)
Xvid 1.2.1 final uninstall
Yahoo! Toolbar
Zylom Games Player Plugin
.
==== End Of File ===========================
NDWales is offline  
Old 06-11-2012, 05:52 AM   #17
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Start your computer in safe mode!

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to our sticky topic How to disable your security applications


====================================================


Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:





Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.
TB-PsYcHoTiC is offline  
Old 06-14-2012, 02:34 AM   #18
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Are you still with me?
TB-PsYcHoTiC is offline  
Old 06-14-2012, 03:50 AM   #19
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



Hi sorry I have been away with work this week. I will be home this evening and will run the utility tonight.
NDWales is offline  
Old 06-15-2012, 02:55 AM   #20
Registered Member
 
Join Date: May 2012
Posts: 28
OS: XP



Hi, I have run ComboFix in safe mode as it was not running correctly with full login. It was unable to download the recovery console as the PC has not been able to get Internet access since the issues began. I have pasted the ComboFix log below; please note this was a second run as the PC had problems with the automatic reboot the first time.

Thanks again for your continued help

ComboFix 12-06-14.05 - Nick 15/06/2012 10:30:22.3.2 - x86 MINIMAL
Running from: c:\documents and settings\Nick\Desktop\ComboFix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
C:\Recycle
.
.
((((((((((((((((((((((((( Files Created from 2012-05-15 to 2012-06-15 )))))))))))))))))))))))))))))))
.
.
2012-06-03 18:59 . 2012-06-03 18:59 -------- d-----w- C:\mal
2012-05-30 08:19 . 2012-05-30 08:22 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-05-30 08:19 . 2012-05-30 08:22 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-05-30 08:18 . 2012-05-30 08:18 -------- d-----w- c:\windows\system32\drivers\N360
2012-05-30 08:18 . 2012-05-30 08:18 -------- d-----w- c:\program files\Norton 360
2012-05-30 08:18 . 2012-05-30 08:18 -------- d-----w- c:\program files\Windows Sidebar
2012-05-30 08:14 . 2012-05-30 08:14 -------- d-----w- c:\program files\NortonInstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-03 19:00 . 2008-10-27 20:09 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-04-04 14:56 . 2008-10-27 20:09 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-14 13:01 . 2010-11-08 17:14 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Cryptography Services Error !!
.
((((((((((((((((((((((((((((( [email protected]_08.59.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-21 20:03 . 2012-06-15 08:59 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-12-21 20:03 . 2012-06-01 13:38 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2006-12-21 20:03 . 2012-06-15 08:59 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2006-12-21 20:03 . 2012-06-01 13:38 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{90eee664-34b1-422a-a782-779af65cdf6d}]
2011-05-09 09:49 176936 ----a-w- c:\program files\IncrediMail_MediaBar_4\prxtbInc2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-25 15:24 1515496 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{90eee664-34b1-422a-a782-779af65cdf6d}"= "c:\program files\IncrediMail_MediaBar_4\prxtbInc2.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-25 1515496]
.
[HKEY_CLASSES_ROOT\clsid\{90eee664-34b1-422a-a782-779af65cdf6d}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{90EEE664-34B1-422A-A782-779AF65CDF6D}"= "c:\program files\IncrediMail_MediaBar_4\prxtbInc2.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-25 1515496]
.
[HKEY_CLASSES_ROOT\clsid\{90eee664-34b1-422a-a782-779af65cdf6d}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 19550344]
"kdx"="c:\program files\Kontiki\KHost.exe" [2007-04-23 1032640]
"ANT Agent"="c:\program files\Garmin\ANT Agent\ANT Agent.exe" [2010-02-03 11136360]
"OpenDNS Updater"="c:\program files\OpenDNS Updater\OpenDNSUpdater.exe" [2010-06-16 839680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-25 30192]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2006-08-14 462336]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-12-13 58992]
"AVFX Engine"="c:\program files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-08-16 24576]
"Auto Run Software for Photo Frame"="c:\program files\Philips\Auto Run Software for Photo Frame\PhotoManager.exe" [2006-08-04 2110464]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"4oD"="c:\program files\Kontiki\KHost.exe" [2007-04-23 1032640]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1318816]
"PC-Checkup"="c:\pc-checkup\PCCheckUp.exe" [2011-07-06 5359104]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe" [2010-04-27 243544]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-07-26 273544]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-08-25 886760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-01-31 00:38 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray Icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
backup=c:\windows\pss\AOL 9.0 Tray Icon.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL Companion.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AOL Companion.lnk
backup=c:\windows\pss\AOL Companion.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^LG SyncManager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\LG SyncManager.lnk
backup=c:\windows\pss\LG SyncManager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cwcptray]
2008-10-25 02:35 399152 -c--a-w- c:\program files\ContentWatch\Internet Protection\cwtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]
2005-12-07 16:05 1537696 -c--a-w- c:\program files\Norton Ghost\Agent\GhostTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC-Checkup]
2011-07-06 22:49 5359104 ----a-w- c:\pc-checkup\PCCheckUp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2011-07-26 11:46 490112 ----a-w- c:\program files\real\realplayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
2009-12-29 08:31 3225560 ----a-w- c:\program files\Registry Mechanic\RegMech.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedItUpEX]
2006-05-16 07:57 1767936 ----a-w- c:\program files\SpeedItUpExtreme\SpeedItUpEx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-05-30 17:41 1830128 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0230Mon.exe]
2006-09-06 17:01 32768 ----a-r- c:\windows\V0230Mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CwAltaService20"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Kontiki\\KService.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Mythology\\aom.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Mythology\\aomx.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\IncrediMail\\Bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\Bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\Bin\\ImpCnt.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Windows iLivid Toolbar\\Datamngr\\ToolBar\\dtUser.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Dell Network Assistant\\ezi_hnm2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol
"10426:UDP"= 10426:UDP:SingleClick ICC
.
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20111201.001\BHDrvx86.sys [2011-11-29 820344]
R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\0600000.091\ccSetx86.sys [2011-11-04 132744]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-10-15 89792]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-05-30 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-09-03 55024]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0600000.091\Ironx86.SYS [2011-11-17 149624]
R2 0115431328141478mcinstcleanup;McAfee Application Installer Cleanup (0115431328141478);c:\windows\TEMP\011543~1.EXE [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-02-11 210216]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 160608]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-18 150856]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\6.0.0.145\ccSvcHst.exe [2011-11-30 138248]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2009-11-25 583640]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-10-15 57600]
R3 Gonzales;Gonzales;c:\windows\system32\DRIVERS\Gonzales.sys [2005-12-13 7040]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-25 30192]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20111130.012\IDSxpx86.sys [2011-11-24 356280]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-06-03 40776]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-10-15 338176]
R3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\DRIVERS\mfendisk.sys [2011-10-15 83856]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\DRIVERS\mfendisk.sys [2011-10-15 83856]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-10-15 87656]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
R3 V0230Vfx;V0230Vfx;c:\windows\system32\DRIVERS\V0230Vfx.sys [2006-03-23 6272]
R3 V0230VID;Live! Cam Video IM Pro;c:\windows\system32\DRIVERS\V0230VID.sys [2006-09-28 500480]
R4 CwAltaService20;ContentWatch;c:\program files\ContentWatch\Internet Protection\cwsvc.exe [2008-10-25 1218352]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0600000.091\SYMDS.SYS [2011-08-16 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0600000.091\SYMEFA.SYS [2011-11-24 905336]
S3 Bonifay;Bonifay;c:\windows\system32\DRIVERS\Bonifay.sys [2005-11-28 12160]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 17:57]
.
2011-12-26 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-06-14 16:07]
.
2012-01-27 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-06-14 16:07]
.
2012-01-21 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-06-14 16:07]
.
2012-01-08 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-06-14 16:07]
.
2011-12-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 09:40]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 17:39]
.
2012-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 17:39]
.
2012-01-21 c:\windows\Tasks\hpwebreg_CN0952C31C05HX.job
- c:\program files\HP\HP Deskjet 3050 J610 series\Bin\hpwebreg.exe [2010-06-14 16:10]
.
2011-09-05 c:\windows\Tasks\One-Click Tweak.job
- c:\program files\Advanced PC Tweaker\OneClick.exe [2010-05-24 17:40]
.
2009-03-12 c:\windows\Tasks\PCConfidential.job
- c:\program files\Winferno\PC Confidential\PCConfidential.exe [2009-03-12 14:10]
.
2012-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3733576535-1022918574-790488910-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 09:47]
.
2012-02-15 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3733576535-1022918574-790488910-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 09:47]
.
2012-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3733576535-1022918574-790488910-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 09:47]
.
2012-02-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3733576535-1022918574-790488910-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 09:47]
.
2012-02-15 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3733576535-1022918574-790488910-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 09:47]
.
2012-01-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3733576535-1022918574-790488910-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 09:47]
.
2012-02-04 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe [2009-03-12 14:48]
.
2012-02-02 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe [2009-03-12 14:34]
.
2012-02-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-25 15:24]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
FF - ProfilePath - c:\documents and settings\Nick\Application Data\Mozilla\Firefox\Profiles\w4trgjny.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\McAfee\SiteAdvisor
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2012-06-15 10:39
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\6.0.0.145\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\6.0.0.145\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(272)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(636)
c:\windows\system32\WININET.dll
.
Completion time: 2012-06-15 10:40:14
ComboFix-quarantined-files.txt 2012-06-15 09:40
ComboFix2.txt 2012-06-15 09:07
.
Pre-Run: 237,623,726,080 bytes free
Post-Run: 237,593,985,024 bytes free
.
- - End Of File - - DE2B79FFE4BA655A2C2AE88C21F9D78C
All times are GMT -7.

