Everything posted by JohanF
-
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
I've deleted those 4 files - no joy yet. Note that ComboFix is running somehow (it keeps the RAM quite busy). When I click the close button on the AutoScan window, it closes, but there's no progress indicator. -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
Sorry, I got your last message only now (I'm at home now) and will only be able to run file assassin tomorrow morning. What should I do with Crawler Parental Control? -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
IE8 is gone, but there is no option to remove IE7. Uninstalled Autorun Eater - CF still doesn't run. There are no toolbars installed in FireFox - I suspect it must be part of Crawler Parental Control - which prompts me for a password if I try to uninstall it. Can I just delete its program folder or is it going to cause problems? -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
Hi I'm back! I have no software installed under the name "Squid", but it seems we got rid of it by using FireFox! Now there's one more thing which is bothering me - the folder options for hiding extensions of known file types and hiding protected operating system files keep coming back on after I have switched it off. OK, there's something else not right - something is blocking ComboFix from running and preventing me from booting in Safe Mode. -
Suspecting malware infection
JohanF replied to JohanF's topic in Malwarebytes for Windows Support Forum
Thanks daledoc1. Yes, this is my sister-in-law's computer which I worked on over the weekend. I told her of this great site after she complained about her computer being terribly slow. I battled to find the place to post the DDS log. Sorry for posting on the wrong place! -
Hi, I'm suspecting a malware infection on a laptop which is very slow - especially internet connections. Here is the DDS log - I will appreciate it if someone could please have a look at it and tell me if there is anything to worry about. Thanks, Johan
-
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
Thanks man! Have a good rest yourself! I've got some urgent farm work to do tomorrow, so I don't think I'll get to this tomorrow. You can shout some stuff I can look at when I do get back, but possibly only Sunday. Cheers -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
OK FireFox is working fine (I've switched the proxy setting off) and IE8 is gone. What now? I think it's about time for you to knock off and for me to hit the sack (already 1:30 AM here!) -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
OK, let's see how long my patience lasts... I've got a copy of Firefox 13.01 setup file on my machine - will that work for now or should we rather go for the latest version? -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
Let me just tell you - this machine has no critical documents or other data on it. I have done it before and I don't mind doing it with this machine - format and re-load windows and other software. It's really actually become more of a challenge now to me to see if I/we will be able to rescue it without formatting. So if all else fails and you feel we are wasting our time - there is an easy way out! -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
No, I've tried it a couple of times - same thing happens. It really looks and sounds as if it is resetting - the screen displays that "No Signal" warning and then it just restarts. -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
I get to the Advanced options menu where I can select safe mode, then I'm prompted to select between Microsoft Windows Recovery Console, do not select this [debugger enabled] and Microsoft Windows XP Professional. Selecting the last of the 3 options starts loading the system32 drivers and then it seems as if there is like a reset (screen goes blank), the previous menu for choice of operating system briefly comes up and then it's replaced by the "Windows did not start successfully. A recent hardware or software change might have caused this...." with the option of safe mode etc again. -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
No strange behavior, but proxy server is switched on again -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
What do you mean with the proxy in both? - (I don't have Firefox installed, only IE)
c:\windows\system32\dllcache\rmcast.sys 2012-07-17 16:06:01 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-07-17 15:45:18 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll 2012-07-17 15:45:18 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll 2012-07-17 15:44:42 9728 ------w- c:\windows\system32\rwnh.dll 2012-07-17 15:44:41 10752 ------w- c:\windows\system32\smtpapi.dll 2012-07-17 15:42:51 11053008 ------w- c:\program files\msn\msncorefiles\install\msn9components\msncli.exe 2012-07-17 15:42:46 -------- d-----w- c:\windows\l2schemas 2012-07-17 15:42:45 229376 ------w- c:\program files\msn\msncorefiles\oobe\obelog.dll 2012-07-17 15:42:44 966656 ------w- c:\program files\msn\msncorefiles\oobe\obemetal.dll 2012-07-17 15:42:44 86016 ------w- c:\program files\msn\msncorefiles\oobe\obepopc.dll 2012-07-17 15:42:44 77824 ------w- c:\program files\msn\msncorefiles\oobe\obemtllc.dll 2012-07-17 15:42:44 -------- d-----w- c:\windows\system32\en 2012-07-17 15:28:49 19569 ----a-w- c:\windows\007493_.tmp 2012-07-17 14:38:59 19968 ----a-w- c:\windows\system32\SET2E8.tmp 2012-07-17 14:37:59 18944 ----a-w- c:\windows\system32\SET1A4.tmp 2012-07-17 14:35:52 19569 ----a-w- c:\windows\006137_.tmp 2012-07-09 08:32:25 -------- d-----w- c:\documents and settings\t.h. ngcobo\local settings\application data\Google 2012-07-09 08:31:17 -------- d-----w- c:\documents and settings\t.h. ngcobo\local settings\application data\Deployment 2012-07-06 06:54:20 -------- d-----w- C:\TDSSKiller_Quarantine 2012-07-04 14:08:59 -------- d-----w- c:\documents and settings\t.h. 
ngcobo\application data\Malwarebytes 2012-07-04 14:08:40 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-07-02 09:27:04 6400 -c--a-w- c:\windows\system32\dllcache\enum1394.sys 2012-07-02 09:27:04 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys 2012-07-02 09:27:02 61696 ----a-w- c:\windows\system32\drivers\ohci1394.sys 2012-07-02 09:27:02 53376 ----a-w- c:\windows\system32\drivers\1394bus.sys . ==================== Find3M ==================== . 2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys 2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 13:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll 2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec 2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-23 14:46:47 78336 ------w- c:\windows\system32\ieencode.dll . ============= FINISH: 0:22:00.95 =============== -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
Done! -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
Everything seems to be running fine. Just the proxy server which keeps coming back. -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
(5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 23:49:41.0250 3372 NetBIOS - ok 23:49:41.0281 3372 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 23:49:41.0453 3372 NetBT - ok 23:49:41.0500 3372 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe 23:49:41.0656 3372 NetDDE - ok 23:49:41.0671 3372 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe 23:49:41.0812 3372 NetDDEdsdm - ok 23:49:41.0859 3372 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe 23:49:42.0000 3372 Netlogon - ok 23:49:42.0062 3372 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll 23:49:42.0234 3372 Netman - ok 23:49:42.0390 3372 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:49:42.0421 3372 NetTcpPortSharing - ok 23:49:42.0453 3372 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 23:49:42.0609 3372 NIC1394 - ok 23:49:42.0656 3372 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll 23:49:42.0718 3372 Nla - ok 23:49:42.0750 3372 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 23:49:42.0906 3372 Npfs - ok 23:49:42.0968 3372 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 23:49:43.0171 3372 Ntfs - ok 23:49:43.0218 3372 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe 23:49:43.0375 3372 NtLmSsp - ok 23:49:43.0468 3372 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll 23:49:43.0750 3372 NtmsSvc - ok 23:49:43.0781 3372 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 23:49:43.0921 3372 Null - ok 23:49:43.0984 3372 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 23:49:44.0140 3372 NwlnkFlt - ok 23:49:44.0171 3372 NwlnkFwd 
(c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 23:49:44.0312 3372 NwlnkFwd - ok 23:49:44.0375 3372 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 23:49:44.0515 3372 ohci1394 - ok 23:49:44.0671 3372 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:49:44.0687 3372 ose - ok 23:49:44.0734 3372 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys 23:49:44.0906 3372 Parport - ok 23:49:44.0937 3372 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 23:49:45.0093 3372 PartMgr - ok 23:49:45.0140 3372 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 23:49:45.0296 3372 ParVdm - ok 23:49:45.0343 3372 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 23:49:45.0484 3372 PCI - ok 23:49:45.0484 3372 PCIDump - ok 23:49:45.0515 3372 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 23:49:45.0671 3372 PCIIde - ok 23:49:45.0734 3372 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys 23:49:45.0890 3372 Pcmcia - ok 23:49:45.0906 3372 PDCOMP - ok 23:49:45.0906 3372 PDFRAME - ok 23:49:45.0921 3372 PDRELI - ok 23:49:45.0937 3372 PDRFRAME - ok 23:49:45.0937 3372 perc2 - ok 23:49:45.0953 3372 perc2hib - ok 23:49:46.0000 3372 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe 23:49:46.0046 3372 PlugPlay - ok 23:49:46.0062 3372 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 23:49:46.0218 3372 PolicyAgent - ok 23:49:46.0265 3372 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 23:49:46.0421 3372 PptpMiniport - ok 23:49:46.0468 3372 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys 23:49:46.0609 3372 Processor - ok 23:49:46.0625 3372 ProtectedStorage 
(bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 23:49:46.0781 3372 ProtectedStorage - ok 23:49:46.0828 3372 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 23:49:46.0984 3372 PSched - ok 23:49:47.0000 3372 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 23:49:47.0156 3372 Ptilink - ok 23:49:47.0171 3372 ql1080 - ok 23:49:47.0171 3372 Ql10wnt - ok 23:49:47.0187 3372 ql12160 - ok 23:49:47.0203 3372 ql1240 - ok 23:49:47.0203 3372 ql1280 - ok 23:49:47.0250 3372 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 23:49:47.0375 3372 RasAcd - ok 23:49:47.0437 3372 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll 23:49:47.0578 3372 RasAuto - ok 23:49:47.0625 3372 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 23:49:47.0781 3372 Rasl2tp - ok 23:49:47.0859 3372 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll 23:49:47.0984 3372 RasMan - ok 23:49:48.0046 3372 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 23:49:48.0203 3372 RasPppoe - ok 23:49:48.0250 3372 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 23:49:48.0390 3372 Raspti - ok 23:49:48.0437 3372 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 23:49:48.0609 3372 Rdbss - ok 23:49:48.0640 3372 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 23:49:48.0781 3372 RDPCDD - ok 23:49:48.0812 3372 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 23:49:48.0953 3372 rdpdr - ok 23:49:49.0000 3372 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys 23:49:49.0093 3372 RDPWD - ok 23:49:49.0156 3372 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe 23:49:49.0312 3372 RDSessMgr - ok 23:49:49.0359 3372 redbook 
(f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 23:49:49.0500 3372 redbook - ok 23:49:49.0531 3372 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll 23:49:49.0687 3372 RemoteAccess - ok 23:49:49.0734 3372 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll 23:49:49.0875 3372 RemoteRegistry - ok 23:49:49.0937 3372 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe 23:49:50.0109 3372 RpcLocator - ok 23:49:50.0187 3372 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll 23:49:50.0218 3372 RpcSs - ok 23:49:50.0250 3372 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe 23:49:50.0421 3372 RSVP - ok 23:49:50.0453 3372 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 23:49:50.0593 3372 SamSs - ok 23:49:50.0656 3372 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe 23:49:50.0812 3372 SCardSvr - ok 23:49:50.0875 3372 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll 23:49:51.0031 3372 Schedule - ok 23:49:51.0093 3372 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 23:49:51.0171 3372 Secdrv - ok 23:49:51.0218 3372 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll 23:49:51.0375 3372 seclogon - ok 23:49:51.0406 3372 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll 23:49:51.0546 3372 SENS - ok 23:49:51.0609 3372 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 23:49:51.0765 3372 serenum - ok 23:49:51.0781 3372 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys 23:49:51.0937 3372 Serial - ok 23:49:52.0000 3372 sf (e8cc4ba7b2e962bd932c7bf678e762e0) C:\WINDOWS\system32\drivers\sf.sys 23:49:52.0031 3372 sf - ok 23:49:52.0062 3372 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 
23:49:52.0203 3372 Sfloppy - ok 23:49:52.0265 3372 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll 23:49:52.0453 3372 SharedAccess - ok 23:49:52.0500 3372 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll 23:49:52.0531 3372 ShellHWDetection - ok 23:49:52.0531 3372 Simbad - ok 23:49:52.0593 3372 SMBios (d72a21424ca66c7a745bd995eca6a710) C:\WINDOWS\system32\DRIVERS\SMBios.sys 23:49:52.0625 3372 SMBios ( UnsignedFile.Multi.Generic ) - warning 23:49:52.0625 3372 SMBios - detected UnsignedFile.Multi.Generic (1) 23:49:52.0718 3372 smwdm (7d9b50329af9fd94b0529282530d2cb7) C:\WINDOWS\system32\drivers\smwdm.sys 23:49:52.0812 3372 smwdm - ok 23:49:52.0812 3372 Sparrow - ok 23:49:52.0875 3372 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 23:49:53.0015 3372 splitter - ok 23:49:53.0062 3372 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 23:49:53.0093 3372 Spooler - ok 23:49:53.0140 3372 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 23:49:53.0218 3372 sr - ok 23:49:53.0265 3372 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll 23:49:53.0343 3372 srservice - ok 23:49:53.0390 3372 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 23:49:53.0468 3372 Srv - ok 23:49:53.0531 3372 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll 23:49:53.0609 3372 SSDPSRV - ok 23:49:53.0671 3372 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll 23:49:53.0843 3372 stisvc - ok 23:49:53.0890 3372 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 23:49:54.0046 3372 swenum - ok 23:49:54.0078 3372 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 23:49:54.0203 3372 swmidi - ok 23:49:54.0218 3372 SwPrv - ok 23:49:54.0234 3372 symc810 - ok 23:49:54.0234 3372 symc8xx - ok 23:49:54.0250 3372 
sym_hi - ok 23:49:54.0265 3372 sym_u3 - ok 23:49:54.0296 3372 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 23:49:54.0437 3372 sysaudio - ok 23:49:54.0515 3372 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe 23:49:54.0671 3372 SysmonLog - ok 23:49:54.0750 3372 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll 23:49:54.0921 3372 TapiSrv - ok 23:49:54.0984 3372 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 23:49:55.0062 3372 Tcpip - ok 23:49:55.0109 3372 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 23:49:55.0250 3372 TDPIPE - ok 23:49:55.0281 3372 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 23:49:55.0437 3372 TDTCP - ok 23:49:55.0453 3372 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 23:49:55.0609 3372 TermDD - ok 23:49:55.0703 3372 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll 23:49:55.0843 3372 TermService - ok 23:49:55.0906 3372 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll 23:49:55.0921 3372 Themes - ok 23:49:55.0968 3372 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\System32\tlntsvr.exe 23:49:56.0046 3372 TlntSvr - ok 23:49:56.0062 3372 TosIde - ok 23:49:56.0109 3372 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll 23:49:56.0281 3372 TrkWks - ok 23:49:56.0312 3372 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 23:49:56.0468 3372 Udfs - ok 23:49:56.0468 3372 ultra - ok 23:49:56.0546 3372 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 23:49:56.0750 3372 Update - ok 23:49:56.0812 3372 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll 23:49:56.0906 3372 upnphost - ok 23:49:56.0937 3372 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe 
23:49:57.0093 3372 UPS - ok 23:49:57.0140 3372 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 23:49:57.0312 3372 usbccgp - ok 23:49:57.0343 3372 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 23:49:57.0484 3372 usbehci - ok 23:49:57.0515 3372 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 23:49:57.0671 3372 usbhub - ok 23:49:57.0703 3372 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 23:49:57.0859 3372 usbprint - ok 23:49:57.0890 3372 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 23:49:58.0031 3372 usbscan - ok 23:49:58.0078 3372 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 23:49:58.0218 3372 USBSTOR - ok 23:49:58.0281 3372 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 23:49:58.0421 3372 usbuhci - ok 23:49:58.0468 3372 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 23:49:58.0609 3372 VgaSave - ok 23:49:58.0625 3372 ViaIde - ok 23:49:58.0671 3372 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 23:49:58.0812 3372 VolSnap - ok 23:49:58.0921 3372 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe 23:49:59.0109 3372 VSS - ok 23:49:59.0171 3372 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll 23:49:59.0312 3372 W32Time - ok 23:49:59.0375 3372 W8335XP (7e34bdb4707dcae858091be94ba346fb) C:\WINDOWS\system32\DRIVERS\Mrv8000c.sys 23:49:59.0421 3372 W8335XP ( UnsignedFile.Multi.Generic ) - warning 23:49:59.0421 3372 W8335XP - detected UnsignedFile.Multi.Generic (1) 23:49:59.0468 3372 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 23:49:59.0625 3372 Wanarp - ok 23:49:59.0625 3372 WDICA - ok 23:49:59.0671 3372 wdmaud (6768acf64b18196494413695f0c3a00f) 
C:\WINDOWS\system32\drivers\wdmaud.sys 23:49:59.0828 3372 wdmaud - ok 23:49:59.0859 3372 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll 23:50:00.0015 3372 WebClient - ok 23:50:00.0125 3372 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll 23:50:00.0281 3372 winmgmt - ok 23:50:00.0343 3372 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 23:50:00.0453 3372 WmdmPmSN - ok 23:50:00.0531 3372 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll 23:50:00.0656 3372 Wmi - ok 23:50:00.0750 3372 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe 23:50:00.0875 3372 WmiApSrv - ok 23:50:01.0078 3372 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe 23:50:01.0187 3372 WMPNetworkSvc - ok 23:50:01.0281 3372 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 23:50:01.0453 3372 WS2IFSL - ok 23:50:01.0515 3372 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll 23:50:01.0671 3372 wscsvc - ok 23:50:01.0703 3372 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll 23:50:01.0859 3372 wuauserv - ok 23:50:01.0906 3372 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 23:50:01.0984 3372 WudfPf - ok 23:50:02.0000 3372 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 23:50:02.0046 3372 WudfRd - ok 23:50:02.0109 3372 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 23:50:02.0140 3372 WudfSvc - ok 23:50:02.0203 3372 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll 23:50:02.0421 3372 WZCSVC - ok 23:50:02.0468 3372 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll 23:50:02.0640 3372 xmlprov - ok 23:50:02.0734 3372 {6080A529-897E-4629-A488-ABA0C29B635E} (fd1f4e9cf06c71c8d73a24acf18d8296) 
C:\WINDOWS\system32\drivers\ialmsbw.sys 23:50:02.0781 3372 {6080A529-897E-4629-A488-ABA0C29B635E} - ok 23:50:02.0796 3372 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (d4d7331d33d1fa73e588e5ce0d90a4c1) C:\WINDOWS\system32\drivers\ialmkchw.sys 23:50:02.0843 3372 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok 23:50:02.0875 3372 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 23:50:03.0421 3372 \Device\Harddisk0\DR0 - ok 23:50:03.0421 3372 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR2 23:50:04.0453 3372 \Device\Harddisk1\DR2 - ok 23:50:04.0453 3372 Boot (0x1200) (ea094e728d5d43d089d72f69fd47c31c) \Device\Harddisk0\DR0\Partition0 23:50:04.0468 3372 \Device\Harddisk0\DR0\Partition0 - ok 23:50:04.0468 3372 Boot (0x1200) (b5baa7b6e3d3df4c06240b38d450da23) \Device\Harddisk1\DR2\Partition0 23:50:04.0468 3372 \Device\Harddisk1\DR2\Partition0 - ok 23:50:04.0468 3372 ============================================================ 23:50:04.0468 3372 Scan finished 23:50:04.0468 3372 ============================================================ 23:50:04.0609 3364 Detected object count: 4 23:50:04.0609 3364 Actual detected object count: 4 23:50:23.0078 3364 BrPar ( UnsignedFile.Multi.Generic ) - skipped by user 23:50:23.0078 3364 BrPar ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:50:23.0078 3364 Change Modem Device Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:50:23.0078 3364 Change Modem Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:50:23.0078 3364 SMBios ( UnsignedFile.Multi.Generic ) - skipped by user 23:50:23.0078 3364 SMBios ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:50:23.0078 3364 W8335XP ( UnsignedFile.Multi.Generic ) - skipped by user 23:50:23.0078 3364 W8335XP ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:51:35.0734 1988 Deinitialize success -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
No progress:

Scanning for infected files...
This typically doesn't take more than 10 minutes
However, scan time for badly infected machines may easily double
_ (blinking cursor)

I see this machine has Parental Control software installed - could it possibly be stuffing us around? -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
ESET did not find any problems:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d75b3ae8fd9f3242a95032db6e03cf4f
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-07-20 09:12:30
# local_time=2012-07-20 11:12:31 (+0200, South Africa Standard Time)
# country="South Africa"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1024 16777175 100 0 12142459 12142459 0 0
# compatibility_mode=8192 67108863 100 0 116399 116399 0 0
# scanned=50908
# found=0
# cleaned=0
# scan_time=1883
-
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
No, I disabled the proxy setting and ESET is now scanning (40%). How much time do we have before you switch off? -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
Guess what - that proxy server is switched back on! -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
I'm still awake! Fresh copy of CF did not make any difference. I'm re-booting as I had problems connecting to the ESET scanner... -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
I have also tried booting into safe mode - after loading the drivers, it just loops back to the options screen (safe mode/ safe mode with networking/ safe mode with command prompt). Scan is now on for 1 hour - I'll leave it overnight. (Is it supposed to show a progress bar of any sort like rkill and dss?) -
D.D.S. Script don't produce text file
JohanF replied to JohanF's topic in Resolved Malware Removal Logs
Hi, I'm not sure in which time zone you are, but I'm at GMT+2 - I suspect you're awake when I'm sleeping and vice versa. I brought the PC home (ja sure, I have nothing better to do on a Friday evening!). The only process in the Task Manager from your list above is GREP.3XE and its memory usage is quite high (pushes PF usage to 0.99GB). I ended it and it caused the AutoScan window to close. I switched the proxy server off and CF is scanning again - about 30 minutes that it is busy now...