girlelec

  1. Here is the log from deleting AdwCleaner:
  2. Thanks. I do have Windows set to automatically update, so I assume I am good there. Does it appear that I am virus free yet?
  3. things seem to be running well, but here are the logs you requested: TDSSKiller
14:13:10.0867 2284 Ql10wnt - ok 14:13:10.0877 2284 ql12160 - ok 14:13:10.0887 2284 ql1240 - ok 14:13:10.0897 2284 ql1280 - ok 14:13:10.0907 2284 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 14:13:10.0917 2284 RasAcd - ok 14:13:10.0957 2284 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll 14:13:10.0957 2284 RasAuto - ok 14:13:11.0007 2284 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 14:13:11.0007 2284 Rasl2tp - ok 14:13:11.0087 2284 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll 14:13:11.0097 2284 RasMan - ok 14:13:11.0107 2284 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 14:13:11.0107 2284 RasPppoe - ok 14:13:11.0127 2284 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 14:13:11.0127 2284 Raspti - ok 14:13:11.0167 2284 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 14:13:11.0167 2284 Rdbss - ok 14:13:11.0197 2284 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 14:13:11.0197 2284 RDPCDD - ok 14:13:11.0217 2284 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 14:13:11.0227 2284 rdpdr - ok 14:13:11.0287 2284 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 14:13:11.0287 2284 RDPWD - ok 14:13:11.0327 2284 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 14:13:11.0327 2284 RDSessMgr - ok 14:13:11.0367 2284 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 14:13:11.0377 2284 redbook - ok 14:13:11.0438 2284 [ 2721D89B80F8E154668190BF240E5698 ] RegSrvc C:\WINDOWS\system32\RegSrvc.exe 14:13:11.0438 2284 RegSrvc - ok 14:13:11.0488 2284 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 14:13:11.0498 2284 RemoteAccess - ok 14:13:11.0538 2284 [ 
5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 14:13:11.0548 2284 RemoteRegistry - ok 14:13:11.0578 2284 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe 14:13:11.0578 2284 RpcLocator - ok 14:13:11.0648 2284 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll 14:13:11.0658 2284 RpcSs - ok 14:13:11.0698 2284 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe 14:13:11.0708 2284 RSVP - ok 14:13:11.0768 2284 [ B6CAA5219B1F98FFA58247F9E207D9B9 ] S24EventMonitor C:\WINDOWS\system32\S24EvMon.exe 14:13:11.0788 2284 S24EventMonitor - ok 14:13:11.0818 2284 [ F8E1A385D08204A461E19CD9BCA2B461 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys 14:13:11.0818 2284 s24trans - ok 14:13:11.0848 2284 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe 14:13:11.0848 2284 SamSs - ok 14:13:11.0908 2284 [ B244960E5A1DB8E9D5D17086DE37C1E4 ] sbp2port C:\WINDOWS\system32\DRIVERS\sbp2port.sys 14:13:11.0908 2284 sbp2port - ok 14:13:11.0948 2284 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 14:13:11.0968 2284 SCardSvr - ok 14:13:12.0028 2284 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll 14:13:12.0068 2284 Schedule - ok 14:13:12.0159 2284 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe 14:13:12.0169 2284 SeagateDashboardService - ok 14:13:12.0199 2284 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 14:13:12.0229 2284 Secdrv - ok 14:13:12.0279 2284 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll 14:13:12.0279 2284 seclogon - ok 14:13:12.0339 2284 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll 14:13:12.0349 2284 SENS - ok 14:13:12.0379 2284 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys 14:13:12.0379 
2284 Serial - ok 14:13:12.0459 2284 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 14:13:12.0469 2284 Sfloppy - ok 14:13:12.0569 2284 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 14:13:12.0609 2284 SharedAccess - ok 14:13:12.0659 2284 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 14:13:12.0669 2284 ShellHWDetection - ok 14:13:12.0689 2284 Simbad - ok 14:13:12.0759 2284 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 14:13:12.0779 2284 SkypeUpdate - ok 14:13:12.0830 2284 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 14:13:12.0830 2284 SLIP - ok 14:13:12.0850 2284 Sparrow - ok 14:13:12.0900 2284 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 14:13:12.0900 2284 splitter - ok 14:13:12.0970 2284 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 14:13:12.0970 2284 Spooler - ok 14:13:13.0000 2284 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 14:13:13.0040 2284 sr - ok 14:13:13.0090 2284 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 14:13:13.0130 2284 srservice - ok 14:13:13.0210 2284 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 14:13:13.0240 2284 Srv - ok 14:13:13.0320 2284 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 14:13:13.0350 2284 SSDPSRV - ok 14:13:13.0440 2284 [ 5813D453EF8CE49D607C255CF128ACEB ] STAC97 C:\WINDOWS\system32\drivers\stac97.sys 14:13:13.0490 2284 STAC97 - ok 14:13:13.0541 2284 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 14:13:13.0581 2284 stisvc - ok 14:13:13.0611 2284 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 14:13:13.0621 2284 streamip - ok 14:13:13.0681 2284 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] 
swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 14:13:13.0681 2284 swenum - ok 14:13:13.0731 2284 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 14:13:13.0731 2284 swmidi - ok 14:13:13.0761 2284 SwPrv - ok 14:13:13.0781 2284 symc810 - ok 14:13:13.0791 2284 symc8xx - ok 14:13:13.0801 2284 sym_hi - ok 14:13:13.0831 2284 sym_u3 - ok 14:13:13.0881 2284 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 14:13:13.0891 2284 sysaudio - ok 14:13:13.0921 2284 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 14:13:13.0951 2284 SysmonLog - ok 14:13:14.0041 2284 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 14:13:14.0302 2284 TapiSrv - ok 14:13:14.0412 2284 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 14:13:14.0442 2284 Tcpip - ok 14:13:14.0482 2284 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 14:13:14.0492 2284 TDPIPE - ok 14:13:14.0502 2284 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 14:13:14.0512 2284 TDTCP - ok 14:13:14.0552 2284 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 14:13:14.0552 2284 TermDD - ok 14:13:14.0662 2284 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 14:13:14.0792 2284 TermService - ok 14:13:14.0812 2284 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll 14:13:14.0822 2284 Themes - ok 14:13:14.0882 2284 [ 465C92A7CB4FC1885B0018BA6325B463 ] tifm C:\WINDOWS\system32\drivers\tifm.sys 14:13:14.0892 2284 tifm - ok 14:13:14.0953 2284 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 14:13:14.0963 2284 TlntSvr - ok 14:13:14.0973 2284 TosIde - ok 14:13:15.0023 2284 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 14:13:15.0033 2284 TrkWks - ok 14:13:15.0063 2284 [ 
5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 14:13:15.0073 2284 Udfs - ok 14:13:15.0073 2284 UIUSys - ok 14:13:15.0093 2284 ultra - ok 14:13:15.0183 2284 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 14:13:15.0223 2284 Update - ok 14:13:15.0283 2284 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 14:13:15.0393 2284 upnphost - ok 14:13:15.0413 2284 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 14:13:15.0563 2284 UPS - ok 14:13:15.0874 2284 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 14:13:15.0914 2284 usbaudio - ok 14:13:15.0974 2284 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 14:13:15.0974 2284 usbccgp - ok 14:13:16.0024 2284 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 14:13:16.0034 2284 usbehci - ok 14:13:16.0034 2284 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 14:13:16.0044 2284 usbhub - ok 14:13:16.0074 2284 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 14:13:16.0074 2284 usbprint - ok 14:13:16.0184 2284 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 14:13:16.0224 2284 usbscan - ok 14:13:16.0254 2284 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 14:13:16.0264 2284 USBSTOR - ok 14:13:16.0295 2284 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 14:13:16.0305 2284 usbuhci - ok 14:13:16.0355 2284 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys 14:13:16.0395 2284 usbvideo - ok 14:13:16.0435 2284 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 14:13:16.0455 2284 VgaSave - ok 14:13:16.0455 2284 ViaIde - ok 14:13:16.0485 2284 [ 4C8FCB5CC53AAB716D810740FE59D025 ] 
VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 14:13:16.0485 2284 VolSnap - ok 14:13:16.0555 2284 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 14:13:16.0585 2284 VSS - ok 14:13:16.0735 2284 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe 14:13:16.0755 2284 vToolbarUpdater13.2.0 - ok 14:13:16.0795 2284 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 14:13:16.0795 2284 W32Time - ok 14:13:16.0905 2284 [ 677AD85E3058C821F5A73CDF7E5B5478 ] w70n51 C:\WINDOWS\system32\DRIVERS\w70n51.sys 14:13:17.0026 2284 w70n51 - ok 14:13:17.0106 2284 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 14:13:17.0126 2284 Wanarp - ok 14:13:17.0166 2284 WDICA - ok 14:13:17.0216 2284 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 14:13:17.0246 2284 wdmaud - ok 14:13:17.0276 2284 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 14:13:17.0296 2284 WebClient - ok 14:13:17.0366 2284 [ 0C5B9CF1BDF998750D9C5EEB5F8C55AC ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 14:13:17.0426 2284 winachsf - ok 14:13:17.0566 2284 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 14:13:17.0586 2284 winmgmt - ok 14:13:17.0596 2284 wltrysvc - ok 14:13:17.0646 2284 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 14:13:17.0646 2284 WmdmPmSN - ok 14:13:17.0747 2284 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll 14:13:17.0827 2284 Wmi - ok 14:13:17.0857 2284 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 14:13:17.0867 2284 WmiApSrv - ok 14:13:17.0957 2284 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 14:13:17.0967 2284 WS2IFSL - ok 14:13:18.0047 2284 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc 
C:\WINDOWS\system32\wscsvc.dll
14:13:18.0057 2284 wscsvc - ok
14:13:18.0117 2284 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:13:18.0117 2284 WSTCODEC - ok
14:13:18.0177 2284 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:13:18.0177 2284 wuauserv - ok
14:13:18.0327 2284 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:13:18.0398 2284 WZCSVC - ok
14:13:18.0478 2284 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:13:18.0498 2284 xmlprov - ok
14:13:18.0528 2284 ================ Scan global ===============================
14:13:18.0558 2284 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:13:18.0678 2284 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:13:18.0748 2284 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:13:18.0778 2284 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:13:18.0778 2284 [Global] - ok
14:13:18.0778 2284 ================ Scan MBR ==================================
14:13:18.0818 2284 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:13:19.0159 2284 \Device\Harddisk0\DR0 - ok
14:13:19.0169 2284 ================ Scan VBR ==================================
14:13:19.0169 2284 [ 79068B77997F23BBE176DF1A4571B665 ] \Device\Harddisk0\DR0\Partition1
14:13:19.0179 2284 \Device\Harddisk0\DR0\Partition1 - ok
14:13:19.0179 2284 ============================================================
14:13:19.0179 2284 Scan finished
14:13:19.0179 2284 ============================================================
14:13:19.0219 1508 Detected object count: 0
14:13:19.0219 1508 Actual detected object count: 0
14:22:28.0028 1856 Deinitialize success

ESET Online Scanner

C:\Qoobox\Quarantine\C\autorun.inf.vir Win32/PSW.OnLineGames.OUM trojan cleaned by deleting - quarantined
C:\System Volume
Information\_restore{CA4FB9B1-A2C2-4D3E-BA48-E5E64E4EC17D}\RP139\A0023168.inf Win32/PSW.OnLineGames.OUM trojan cleaned by deleting - quarantined AdwCleaner # AdwCleaner v2.011 - Logfile created 12/02/2012 at 16:31:30 # Updated 02/12/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : Jess - JESSICA700M # Boot Mode : Normal # Running from : C:\Documents and Settings\Jess\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Secure Search Folder Found : C:\Documents and Settings\Jess\Application Data\AVG Secure Search Folder Found : C:\Documents and Settings\Jess\Local Settings\Application Data\AVG Secure Search Folder Found : C:\Program Files\AVG Secure Search Folder Found : C:\Program Files\Common Files\AVG Secure Search ***** [Registry] ***** Key Found : HKCU\Software\AVG Secure Search Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\Software\AVG Secure Search Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Found : 
HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Found : 
HKU\S-1-5-21-1844237615-1606980848-1060284298-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={E74EDDFE-758D-4E95-8608-AF6E40959D9E}&mid=3b0b2e00938547d085a526531fe9b5d6-f54db5c9b71f6d133d90889d918be46c29a3e7a7〈=en&ds=AVG&pr=fr&d=2012-06-27 22:04:12&v=12.2.5.32&sap=hp [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxps://isearch.avg.com/tab?cid={E74EDDFE-758D-4E95-8608-AF6E40959D9E}&mid=3b0b2e00938547d085a526531fe9b5d6-f54db5c9b71f6d133d90889d918be46c29a3e7a7〈=en&ds=AVG&pr=fr&d=2012-06-27 22:04:12&v=12.2.5.32&sap=nt -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\x3tcajz3.default\prefs.js Found : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Application Data\\AV[...] Found : user_pref("browser.search.defaultenginename", "AVG Secure Search"); ************************* AdwCleaner[R1].txt - [5279 octets] - [02/12/2012 16:31:30] ########## EOF - C:\AdwCleaner[R1].txt - [5339 octets] ########## BleepingComputer Security Check Results of screen317's Security Check version 0.99.56 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Please wait while WMIC is being installed.d i s p l a y N a m e ECHO is off. A V G ECHO is off. A n t i V i r u s ECHO is off. F r e ECHO is off. E d i t i o n ECHO is off. 2 0 1 2 ECHO is off. Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Adobe Flash Player 11.4.402.287
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox 16.0.2 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 2%
````````````````````End of Log``````````````````````
  4. Thanks. Should I post the attach.txt file again too?

ComboFix 12-11-28.02 - Jess 11/28/2012 11:11:24.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1262.499 [GMT -5:00]
Running from: c:\documents and settings\Jess\My Documents\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\Install.exe
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\62b76dccf0e84bae.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\abd6ac014d9706c7.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\b1ffdc988127b409.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\d98ca5fa83bc5a72.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
.
.
((((((((((((((((((((((((( Files Created from 2012-10-28 to 2012-11-28 )))))))))))))))))))))))))))))))
.
.
2012-11-21 16:38 . 2012-11-26 22:13 -------- d-----w- c:\windows\SxsCaPendDel
2012-11-17 00:53 . 2012-11-17 00:53 -------- d-----w- c:\program files\Microsoft Silverlight
2012-10-31 20:35 .
2012-10-31 20:35 -------- d-----w- c:\documents and settings\Jess\Local Settings\Application Data\MFAData 2012-10-31 20:35 . 2012-10-31 20:35 -------- d-----w- c:\documents and settings\Jess\Local Settings\Application Data\Avg2013 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-08 18:24 . 2012-09-03 16:12 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2012-10-22 08:37 . 2004-08-04 10:00 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-10-09 21:44 . 2012-05-14 18:23 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-09 21:44 . 2012-05-14 18:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-02 18:04 . 2004-08-04 10:00 58368 ----a-w- c:\windows\system32\synceng.dll 2012-09-29 23:54 . 2012-05-14 15:23 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-31 21:27 . 2012-10-31 21:27 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-09-03 16:12 1734240 ----a-w- c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-09-03 1734240] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\documents and settings\Jess\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\documents and settings\Jess\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\documents and settings\Jess\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\documents and settings\Jess\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "Akamai NetSession Interface"="c:\documents and settings\Jess\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-10-09 4441920] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "WorksFUD"="c:\program files\Microsoft Works\wkfud.exe" [2001-10-06 24576] "Microsoft Works Portfolio"="c:\program files\Microsoft Works\WksSb.exe" [2001-08-23 331830] "Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2001-08-17 28738] "ZCfgSvc.exe"="c:\windows\system32\ZCfgSvc.exe" [2004-06-17 409664] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-11-08 997320] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888] "Seagate Dashboard"="c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "ROC_ROC_JULY_P1"="c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-03 1022048] . c:\documents and settings\Jess\Start Menu\Programs\Startup\ Dropbox.lnk - c:\documents and settings\Jess\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring] 2004-06-17 16:14 180290 ----a-w- c:\windows\system32\LgNotify.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk backup=c:\windows\pss\HotSync Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-02-21 01:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2011-05-10 06:41 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgr.exe] 2004-05-24 19:59 86016 ----a-w- c:\program files\Intel\NCS\PROSet\PRONoMgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt] 2012-11-08 18:24 997320 ----a-w- c:\program files\AVG Secure Search\vprot.exe . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Documents and Settings\\Jess\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Documents and Settings\\Jess\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\Seagate\\Seagate Dashboard\\HipServAgent\\HipServAgent.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1256:TCP"= 1256:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface . 
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 3:50 AM 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [1/31/2012 3:46 AM 31952] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2/22/2012 4:25 AM 237408] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [3/19/2012 4:17 AM 301920] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [9/3/2012 11:12 AM 26984] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [8/13/2012 2:24 AM 5167736] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/14/2012 3:53 AM 193288] R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [6/1/2011 11:42 AM 14088] R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [11/8/2012 1:24 PM 711112] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [12/23/2011 12:32 PM 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [12/23/2011 12:32 PM 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [12/23/2011 12:32 PM 17232] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [6/7/2012 6:12 PM 160944] . Contents of the 'Scheduled Tasks' folder . 2012-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 21:44] . . ------- Supplementary Scan ------- . 
uStart Page = https://isearch.avg.com/?cid={E74EDDFE-758D-4E95-8608-AF6E40959D9E}&mid=3b0b2e00938547d085a526531fe9b5d6-f54db5c9b71f6d133d90889d918be46c29a3e7a7&lang=en&ds=AVG&pr=fr&d=2012-06-27 22:04&v=12.2.5.32&sap=hp
uInternet Connection Wizard,ShellNext = hxxp://www.drivermax.com/index2.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Jess\Application Data\Mozilla\Firefox\Profiles\x3tcajz3.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://accounts.google.com/ServiceLogin?continue=http://www.google.com/ig%3Fhl%3Den&followup=http://www.google.com/ig%3Fhl%3Den&service=ig&passive=true&cd=US&hl=en&nui=1&ltmpl=default
FF - prefs.js: keyword.URL - hxxp://www.goodsearch.com/search.aspx?toolbarcharity=___toolbarcharity___&id=goodsearchtb&v=2_0&keywords=
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
MSConfigStartUp-HotSync - c:\program files\PalmSource\Desktop\HotSync.exe
MSConfigStartUp-mcui_exe - c:\program files\McAfee.com\Agent\mcagent.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-28 11:16
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1108)
c:\windows\System32\BCMLogon.dll
c:\windows\system32\LgNotify.dll
c:\windows\system32\igfxdev.dll
.
Completion time: 2012-11-28 11:21:33
ComboFix-quarantined-files.txt 2012-11-28 16:21
.
Pre-Run: 9,859,239,936 bytes free
Post-Run: 10,075,926,528 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 00E5FA409B82E020CB9B58F220AAA1CB

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Jess at 14:15:22 on 2012-11-28
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1262.423 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
\??\C:\PROGRA~1\AVG\AVG2012\avgrsx.exe \??\C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\S24EvMon.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\1XConfig.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Skype\Phone\Skype.exe C:\Documents and Settings\Jess\Local Settings\Application Data\Akamai\netsession_win.exe C:\Documents and Settings\Jess\Local Settings\Application Data\Akamai\netsession_win.exe C:\Documents and Settings\Jess\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\RegSrvc.exe C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\avgemcx.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe C:\Program Files\AVG\AVG2012\avgidsagent.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla 
Firefox\plugin-container.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://isearch.avg.com/?cid={E74EDDFE-758D-4E95-8608-AF6E40959D9E}&mid=3b0b2e00938547d085a526531fe9b5d6-f54db5c9b71f6d133d90889d918be46c29a3e7a7&lang=en&ds=AVG&pr=fr&d=2012-06-27 22:04:12&v=12.2.5.32&sap=hp
uInternet Connection Wizard,ShellNext = hxxp://www.drivermax.com/index2.htm
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dll
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Akamai NetSession Interface] "c:\documents and settings\jess\local settings\application data\akamai\netsession_win.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [WorksFUD] c:\program files\microsoft works\wkfud.exe
mRun: [Microsoft Works Portfolio] c:\program files\microsoft works\WksSb.exe /AllUsers
mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works
shared\WkUFind.exe mRun: [ZCfgSvc.exe] c:\windows\system32\ZCfgSvc.exe mRun: [vProt] "c:\program files\avg secure search\vprot.exe" mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_ui mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 StartupFolder: c:\docume~1\jess\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\jess\application data\dropbox\bin\Dropbox.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~2.lnk - c:\program files\microsoft office\office10\OSA.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:323 uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe TCP: NameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{253B1A57-04A1-4DAE-B49C-F17A10CC0988} : DHCPNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{F80A5669-AAFF-4B76-940C-3A42475B1E80} : DHCPNameServer = 209.18.47.61 209.18.47.62 Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program 
files\avg\avg2012\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.2.6\ViProtocol.dll Notify: igfxcui - igfxdev.dll Notify: Sebring - c:\windows\system32\LgNotify.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\jess\application data\mozilla\firefox\profiles\x3tcajz3.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://accounts.google.com/ServiceLogin?continue=http://www.google.com/ig%3Fhl%3Den&followup=http://www.google.com/ig%3Fhl%3Den&service=ig&passive=true&cd=US&hl=en&nui=1&ltmpl=default FF - prefs.js: keyword.URL - hxxp://www.goodsearch.com/search.aspx?toolbarcharity=___toolbarcharity___&id=goodsearchtb&v=2_0&keywords= FF - plugin: c:\progra~1\palm\packag~1\NPInstal.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll . ============= SERVICES / DRIVERS =============== . 
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 237408] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301920] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-3 26984] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288] R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088] R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-11-8 711112] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944] . =============== Created Last 30 ================ . 2012-11-28 16:09:45 -------- d-sha-r- C:\cmdcons 2012-11-28 16:06:58 98816 ----a-w- c:\windows\sed.exe 2012-11-28 16:06:58 256000 ----a-w- c:\windows\PEV.exe 2012-11-28 16:06:58 208896 ----a-w- c:\windows\MBR.exe 2012-11-21 16:38:46 -------- d-----w- c:\windows\SxsCaPendDel 2012-10-31 20:35:47 -------- d-----w- c:\documents and settings\jess\local settings\application data\MFAData 2012-10-31 20:35:47 -------- d-----w- c:\documents and settings\jess\local settings\application data\Avg2013 . ==================== Find3M ==================== . 
2012-11-08 18:24:19 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-10-09 21:44:24 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-09 21:44:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll 2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys . ============= FINISH: 14:16:11.44 ===============
  5. It looks like I am no longer able to update MBAM. My last update was 11/21/12. A full scan at that point had nothing detected, but I ran a quick scan again with that version.

MBAM log

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.22.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jess :: JESSICA700M [administrator]
11/23/2012 10:28:03 AM
mbam-log-2012-11-23 (10-28-03).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 195956
Time elapsed: 9 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Jess at 23:10:19 on 2012-11-22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1262.401 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
\??\C:\PROGRA~1\AVG\AVG2012\avgrsx.exe \??\C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\S24EvMon.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\1XConfig.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Skype\Phone\Skype.exe C:\Documents and Settings\Jess\Local Settings\Application Data\Akamai\netsession_win.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Jess\Local Settings\Application Data\Akamai\netsession_win.exe C:\Documents and Settings\Jess\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\RegSrvc.exe C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe C:\Program Files\AVG\AVG2012\avgemcx.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe C:\Program Files\AVG\AVG2012\avgidsagent.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Mozilla Firefox\plugin-container.exe 
C:\WINDOWS\notepad.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://isearch.avg.com/?cid={E74EDDFE-758D-4E95-8608-AF6E40959D9E}&mid=3b0b2e00938547d085a526531fe9b5d6-f54db5c9b71f6d133d90889d918be46c29a3e7a7&lang=en&ds=AVG&pr=fr&d=2012-06-27 22:04:12&v=12.2.5.32&sap=hp
uInternet Connection Wizard,ShellNext = hxxp://www.drivermax.com/index2.htm
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dll
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Akamai NetSession Interface] "c:\documents and settings\jess\local settings\application data\akamai\netsession_win.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [WorksFUD] c:\program files\microsoft works\wkfud.exe
mRun: [Microsoft Works Portfolio] c:\program files\microsoft works\WksSb.exe /AllUsers
mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe mRun: [ZCfgSvc.exe] c:\windows\system32\ZCfgSvc.exe mRun: [vProt] "c:\program files\avg secure search\vprot.exe" mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_ui mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k StartupFolder: c:\docume~1\jess\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\jess\application data\dropbox\bin\Dropbox.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~2.lnk - c:\program files\microsoft office\office10\OSA.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe TCP: NameServer = 192.168.1.1 TCP: Interfaces\{253B1A57-04A1-4DAE-B49C-F17A10CC0988} : DHCPNameServer = 192.168.1.1 Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.2.6\ViProtocol.dll Notify: igfxcui - igfxdev.dll Notify: 
Sebring - c:\windows\system32\LgNotify.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\jess\application data\mozilla\firefox\profiles\x3tcajz3.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://accounts.google.com/ServiceLogin?continue=http://www.google.com/ig%3Fhl%3Den&followup=http://www.google.com/ig%3Fhl%3Den&service=ig&passive=true&cd=US&hl=en&nui=1&ltmpl=default FF - prefs.js: keyword.URL - hxxp://www.goodsearch.com/search.aspx?toolbarcharity=___toolbarcharity___&id=goodsearchtb&v=2_0&keywords= FF - plugin: c:\progra~1\palm\packag~1\NPInstal.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll . ============= SERVICES / DRIVERS =============== . 
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 237408] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301920] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-3 26984] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288] R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088] R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-11-8 711112] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-11-21 40776] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944] . =============== Created Last 30 ================ . . ==================== Find3M ==================== . 
2012-11-08 18:24:19 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-10-09 21:44:24 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-09 21:44:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll 2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:14:53 43520 ------w- c:\windows\system32\licmgr10.dll 2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07:15 385024 ------w- c:\windows\system32\html.iec . ============= FINISH: 23:11:04.90 =============== Attach.txt . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 5/14/2012 12:28:46 AM System Uptime: 11/20/2012 1:48:47 PM (58 hours ago) . Motherboard: DELL SYSTEM | | Inspiron 700m Processor: Intel® Pentium® M processor 1.60GHz | U1 | 1195/mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 56 GiB total, 9.348 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . 
RP88: 8/28/2012 8:58:03 PM - System Checkpoint RP89: 8/30/2012 7:08:56 PM - System Checkpoint RP90: 9/2/2012 3:44:02 PM - System Checkpoint RP91: 9/6/2012 10:59:45 PM - System Checkpoint RP92: 9/9/2012 12:05:09 PM - System Checkpoint RP93: 9/10/2012 3:26:56 PM - System Checkpoint RP94: 9/11/2012 9:45:23 PM - System Checkpoint RP95: 9/11/2012 11:31:44 PM - Software Distribution Service 3.0 RP96: 9/15/2012 8:19:27 PM - System Checkpoint RP97: 9/20/2012 6:53:09 PM - System Checkpoint RP98: 9/22/2012 7:47:09 PM - Software Distribution Service 3.0 RP99: 9/23/2012 7:57:37 PM - System Checkpoint RP100: 9/24/2012 8:51:49 PM - System Checkpoint RP101: 9/25/2012 11:19:48 PM - System Checkpoint RP102: 10/2/2012 12:44:06 AM - System Checkpoint RP103: 10/3/2012 8:46:44 PM - System Checkpoint RP104: 10/4/2012 11:26:11 PM - System Checkpoint RP105: 10/6/2012 2:08:09 PM - System Checkpoint RP106: 10/8/2012 8:48:25 PM - System Checkpoint RP107: 10/9/2012 9:25:20 PM - System Checkpoint RP108: 10/9/2012 10:51:03 PM - Software Distribution Service 3.0 RP109: 10/12/2012 5:58:16 PM - System Checkpoint RP110: 10/19/2012 8:40:02 PM - System Checkpoint RP111: 10/20/2012 8:42:43 PM - System Checkpoint RP112: 10/21/2012 9:21:47 PM - System Checkpoint RP113: 10/23/2012 1:48:25 PM - System Checkpoint RP114: 10/24/2012 3:05:19 PM - System Checkpoint RP115: 10/25/2012 4:11:34 PM - System Checkpoint RP116: 10/26/2012 4:45:51 PM - System Checkpoint RP117: 10/27/2012 10:27:38 PM - System Checkpoint RP118: 10/31/2012 4:59:19 PM - System Checkpoint RP119: 11/1/2012 7:07:03 PM - System Checkpoint RP120: 11/4/2012 4:23:12 PM - System Checkpoint RP121: 11/6/2012 2:48:52 PM - System Checkpoint RP122: 11/7/2012 4:33:37 PM - System Checkpoint RP123: 11/8/2012 8:59:26 PM - System Checkpoint RP124: 11/9/2012 9:53:05 PM - System Checkpoint RP125: 11/10/2012 10:22:40 PM - System Checkpoint RP126: 11/12/2012 6:01:27 PM - System Checkpoint RP127: 11/13/2012 6:33:53 PM - System Checkpoint RP128: 11/14/2012 
12:02:18 PM - Software Distribution Service 3.0 RP129: 11/15/2012 12:24:44 PM - System Checkpoint RP130: 11/17/2012 5:00:56 PM - System Checkpoint RP131: 11/18/2012 8:50:52 PM - System Checkpoint RP132: 11/20/2012 5:17:18 PM - System Checkpoint RP133: 11/21/2012 11:34:50 AM - Removed Shutterfly Express Uploader RP134: 11/21/2012 11:37:23 AM - Removed Google SketchUp 8 RP135: 11/22/2012 12:03:38 PM - System Checkpoint . ==== Installed Programs ====================== . 7200 7200_Help 7200Trb Adobe AIR Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) AiO_Scan AiOSoftware Akamai NetSession Interface Apple Application Support Apple Mobile Device Support Apple Software Update AVG 2012 Bonjour Broadcom 440x 10/100 Integrated Controller Broadcom Management Programs BufferChm C-Major Audio Conexant D480 MDC V.92 Modem Crash Analysis Tool Dell Wireless WLAN Card Destinations Digital Line Detect Director Dropbox Family Tree Maker 2005 Fax Hewlett-Packard ACLM.NET v1.1.0.0 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2756822) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB981793) HP Image Zone 4.7 HP Image Zone Express HP Product Assistant HP Product Detection HP PSC & OfficeJet 4.7 HP Update HPSystemDiagnostics Intel® Extreme Graphics 2 Driver Intel® PROSet iSEEK AnswerWorks English Runtime iTunes Malwarebytes Anti-Malware version 1.65.1.1000 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Word 2002 Microsoft Works 2002 Setup Launcher Microsoft Works 6.0 Modem Helper Mozilla Firefox 16.0.2 (x86 en-US) Mozilla 
.
==== Event Viewer Messages From Past Week ========
.
11/21/2012 3:58:40 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.54.131 with the system having network hardware address BC:52:B7:58:34:DE. Network operations on this system may be disrupted as a result.
11/18/2012 2:13:29 PM, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{F80A5669-AAFF-4B76-940C-3A42475B1E80} because another computer on the network has the same name. The server could not start.
11/17/2012 8:14:32 PM, error: Dhcp [1002] - The IP address lease 192.168.54.155 for the Network Card with network address 000F1FAF4311 has been denied by the DHCP server 192.168.54.1 (The DHCP Server sent a DHCPNACK message).
11/17/2012 2:22:23 PM, error: PSched [14103] - QoS [Adapter {253B1A57-04A1-4DAE-B49C-F17A10CC0988}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
11/17/2012 2:14:27 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
11/15/2012 8:08:33 PM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 000CF14D6185 has been denied by the DHCP server 192.168.54.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
  6. My computer started misbehaving after opening a link from a friend's hacked email account. I received an email with my name in the subject line and a link to what appeared to be a news article. Losing the desktop wallpaper photo was my first indication. Trouble accessing certain anti-virus sites seems to be another symptom. The questionable site is msnbc.msn.com-nbcnews9.net/jobs. It seems to be an ad for a work-from-home scam disguised as an article about the best & worst jobs. None of the anti-virus/anti-malware software I have seems to have any information on this, but it appears the site was only created 5 days ago. I have run dds.com on my computer, but currently I am unable to sign on to this forum on that computer. Can I put the files (DDS.txt and Attach.txt) on a thumbdrive to move to another computer, or do I risk infecting that computer as well?
  7. My computer started misbehaving after opening a link from a friend's hacked email account. I received an email with my name in the subject line and a link to what appeared to be a news article. Losing the desktop wallpaper photo was my first indication. Trouble accessing certain anti-virus sites seems to be another symptom. The questionable site is msnbc.msn.com-nbcnews9.net/jobs. It seems to be an ad for a work-from-home scam disguised as an article about the best & worst jobs. None of the anti-virus/anti-malware software I have seems to have any information on this, but it appears the site was only created 4 days ago. Has anyone else had trouble with this? Any idea why things are acting up?