Posts posted by Jasonsan
-
Do you understand that I cannot open MBAM at all? Because of Error 372 I mentioned previously there's nothing visible for me to view or turn off.
Is there anyone there that is familiar with this issue that can provide a fix? Thanks
-
mbam-check result log version: 1.10.0.1000
Malwarebytes Version: REG_SZ 1.70.0.1100
Date Log Created: 01/25/13
Time Log Created: 21:05:09
32 bit Operating System
Product Name: REG_SZ Microsoft Windows XP
Current Build Number: 2600
Current Version Number: 5.1
Current CSDVersion: Service Pack 3
OS Product Info: Professional
Proxy Status: No proxy is Set
LAN Settings:
=============
No Settings are Set <--NOT DETECTING SETTING AUTOMATICALLY
SystemPartition:
================
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
Balloon Tips Status:
====================
Enabled
Time Format Settings:
=====================
Should be:
h:mm:ss tt
AM
PM
:
Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :
Language and Regional Settings:
===============================
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: Language is English (United States)
Startup Folders for Error_Expanding_Variables Check:
====================================================
All Users Startup Folder Exists.
Current User's startup Folder Exists.
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
TERMService:
==============
Type : 32
State : 4 (The service is running.) (State is stopped)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
TermService Start is set to: 3 (Manual Startup)
Compatibility Flag Settings (Any MBAM file listings should be removed):
=======================================================================
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
MBAM Startup Entries:
=====================
Service and Driver Status:
==========================
Can not open SC_HANDLE, Service not running for MBAMProtector
Can not open SC_HANDLE, Service not running for MBAMService
MBAMProtector Registry Values:
==============================
MBAMService Registry Values:
============================
MBAM DLL's and Runtime Files:
=============================
MBAM Registry Settings and License Info:
========================================
HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware
advancedheuristics REG_DWORD 1
downloadprogram REG_DWORD 1
hidereg REG_DWORD 0
detectp2p REG_DWORD 0
detectpum REG_DWORD 1
detectpup REG_DWORD 2
updatewarn REG_DWORD 1
updatewarndays REG_DWORD 7
useproxy REG_DWORD 0
useauthentication REG_DWORD 0
contextmenu REG_DWORD 1
reportthreats REG_DWORD 1
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
startipdisabled REG_DWORD 0
silentipmode REG_DWORD 0
autoquarantine REG_DWORD 1
notifyinstallprogram REG_DWORD 1
trialpromptshown REG_DWORD 0
autoquarantinenotify REG_DWORD 1
InstallPath REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
dbdate REG_SZ Fri, 14 Dec 2012 20:56:34 GMT
dbversion REG_SZ v2012.12.14.11
programversion REG_SZ 1.70.0.1100
programbuild REG_SZ consumer
HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware (Trial)
TrialId There is data here but it is hidden.
HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
defaultscan REG_DWORD 0
terminateie REG_DWORD 0
Language REG_SZ English.lng
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1
Inno Setup: Setup Version REG_SZ 5.5.3-dev (a)
Inno Setup: App Path REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
InstallLocation REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\
Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware
Inno Setup: User REG_SZ Jason
Inno Setup: Selected Tasks REG_SZ desktopicon,quicklaunchicon
Inno Setup: Deselected Tasks REG_DWORD 0
Inno Setup: Language REG_SZ English
DisplayName REG_SZ Malwarebytes Anti-Malware version 1.70.0.1100
DisplayIcon REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
UninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
QuietUninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" /SILENT
DisplayVersion REG_SZ 1.70.0.1100
Publisher REG_SZ Malwarebytes Corporation
URLInfoAbout REG_SZ http://www.malwarebytes.org
NoModify REG_DWORD 1
NoRepair REG_DWORD 1
InstallDate REG_SZ 20130124
MajorVersion REG_DWORD 1
MinorVersion REG_DWORD 70
Context Menu Entries:
=====================
MBAM Drivers:
=============
C:\WINDOWS\system32\drivers\mbam.sys File Size: 21104 BYTES FileVersion: 1.60.2.0
C:\WINDOWS\system32\drivers\mbamswissarmy.sys File Size: 40776 BYTES FileVersion: 1.60.0.0
Required Dependencies:
======================
fltmgr:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
Type REG_DWORD 2
Start REG_DWORD 0
ErrorControl REG_DWORD 1
Tag REG_DWORD 4
ImagePath REG_EXPAND_SZ system32\DRIVERS\fltMgr.sys
DisplayName REG_SZ FltMgr
Group REG_SZ FSFilter Infrastructure
Description REG_SZ File System Filter Manager Driver
AttachWhenLoaded REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Security
Security REG_BINARY Binary Data
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0 REG_SZ Root\LEGACY_FLTMGR\0000
Count REG_DWORD 1
NextInstance REG_DWORD 1
C:\WINDOWS\system32\drivers\fltmgr.sys File Size: 129792 BYTES FileVersion: 5.1.2600.5512
C:\WINDOWS\system32\olepro32.dll File Size: 84992 BYTES FileVersion: 5.1.2600.5512
List of MBAM Related Directories:
=================================
C:\Program Files\Malwarebytes' Anti-Malware
changes.txt File Size: 2128 BYTES
license.rtf File Size: 17916 BYTES
mbam.chm File Size: 469873 BYTES
mbam.dll File Size: 508264 BYTES FileVersion: 1.70.0.0
mbam.exe File Size: 824232 BYTES FileVersion: 1.70.0.9
mbamcore.dll File Size: 1091432 BYTES FileVersion: 1.70.0.0
mbamext.dll File Size: 79208 BYTES FileVersion: 1.70.0.0
mbamgui.exe File Size: 512360 BYTES FileVersion: 1.70.0.0
mbamnet.dll File Size: 2171240 BYTES FileVersion: 1.70.0.0
mbampt.exe File Size: 38248 BYTES FileVersion: 1.70.0.0
mbamscheduler.exe File Size: 398184 BYTES FileVersion: 1.70.0.0
mbamservice.exe File Size: 682344 BYTES FileVersion: 1.70.0.0
ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3
unins000.dat File Size: 14410 BYTES
unins000.exe File Size: 710504 BYTES FileVersion: 51.52.0.0
unins000.msg File Size: 11277 BYTES
vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40
C:\Program Files\Malwarebytes' Anti-Malware\Chameleon
chameleon.chm File Size: 186068 BYTES
firefox.com File Size: 216424 BYTES
firefox.exe File Size: 216424 BYTES
firefox.pif File Size: 216424 BYTES
firefox.scr File Size: 216424 BYTES
iexplore.exe File Size: 216424 BYTES
mbam-chameleon.com File Size: 216424 BYTES
mbam-chameleon.exe File Size: 216424 BYTES
mbam-chameleon.pif File Size: 216424 BYTES
mbam-chameleon.scr File Size: 216424 BYTES
mbam-killer.exe File Size: 894312 BYTES
rundll32.exe File Size: 216424 BYTES
svchost.exe File Size: 216424 BYTES
winlogon.exe File Size: 216424 BYTES
C:\Program Files\Malwarebytes' Anti-Malware\Languages
C:\Documents and Settings\Jason\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
C:\Documents and Settings\Jason\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
C:\Documents and Settings\Jason\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
===============================================================
END OF FILE
-
I also attempted to do a system restore to back when computer was working normally but after it restarted computer said it was unable to restore to previous state.
-
MBAM setup completed with 5 errors at the end. Then it would try to open it and that ieframe.dll error came up 5 times.
So yes, it appeared to complete.
No I'm not able to simply start MBAM. Every time I try I get the same Run time error 372. Failed to load control 'Webbrowser' from ieframe.dll...
I do not have the PRO license for MBAM because I want to get the regular version working first.
Is it possible that I need to update visual basic system files?
-
I get the same errors as before and still cannot run malwarebytes.
-
The same error also popped up again when it tried to copy the file:
"The process cannot access the file because it is being used by another process."
After that the program finishes and disappears.
-
Not sure if it attached properly but the error was:
RegSvr32
DLLUnregisterServer in ieframe.dll failed.
Return code was: 0x80004001
In the command prompt it said Access is denied after windows\system32\ieframe.dll
Then it went to Documents and settings\jason\desktop>regsvr32 /u ieframe.dll
-
I was able to run the fix.bat up until this point and got the following error which prevented it from finishing. I'm not sure how to paste pictures here so I just attached the screenshot of the error I got as a jpg file. What now?
-
SystemLook 30.07.11 by jpshortstuff
Log created at 21:04 on 22/01/2013 by Jason
Administrator - Elevation successful
========== filefind ==========
Searching for "ieframe.dll"
-= EOF =-
-
I still can't run Malwarebytes. I get the same exact error as before: "Run time error '372.' Failed to load control 'WebBrowser' from ieframe.dll. Your version of ieframe may be outdated. Make sure you are using the version of this control that was provided with the application." What else do I do at this point?
-
23:55:17.0828 2068 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:55:18.0109 2068 ============================================================
23:55:18.0109 2068 Current date / time: 2013/01/20 23:55:18.0109
23:55:18.0109 2068 SystemInfo:
23:55:18.0109 2068
23:55:18.0109 2068 OS Version: 5.1.2600 ServicePack: 3.0
23:55:18.0109 2068 Product type: Workstation
23:55:18.0109 2068 ComputerName: JASON-33450E334
23:55:18.0109 2068 UserName: Jason
23:55:18.0109 2068 Windows directory: C:\WINDOWS
23:55:18.0109 2068 System windows directory: C:\WINDOWS
23:55:18.0109 2068 Processor architecture: Intel x86
23:55:18.0109 2068 Number of processors: 2
23:55:18.0109 2068 Page size: 0x1000
23:55:18.0109 2068 Boot type: Normal boot
23:55:18.0109 2068 ============================================================
23:55:18.0515 2068 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:55:18.0515 2068 ============================================================
23:55:18.0515 2068 \Device\Harddisk0\DR0:
23:55:18.0515 2068 MBR partitions:
23:55:18.0515 2068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
23:55:18.0515 2068 ============================================================
23:55:18.0546 2068 C: <-> \Device\Harddisk0\DR0\Partition1
23:55:18.0546 2068 ============================================================
23:55:18.0546 2068 Initialize success
23:55:18.0546 2068 ============================================================
23:55:30.0984 2368 ============================================================
23:55:30.0984 2368 Scan started
23:55:30.0984 2368 Mode: Manual;
23:55:30.0984 2368 ============================================================
23:55:31.0078 2368 ================ Scan system memory ========================
23:55:31.0078 2368 System memory - ok
23:55:31.0078 2368 ================ Scan services =============================
23:55:33.0281 2368 CTEAPSFX.SYS - ok
23:55:33.0296 2368 [ 6BE4E4DCB76874765C55ECB1F474F7FD ] CTEDSPFX C:\WINDOWS\system32\drivers\CTEDSPFX.SYS
23:55:33.0296 2368 CTEDSPFX - ok
23:55:33.0296 2368 [ 6BE4E4DCB76874765C55ECB1F474F7FD ] CTEDSPFX.SYS C:\WINDOWS\System32\drivers\CTEDSPFX.SYS
23:55:33.0296 2368 CTEDSPFX.SYS - ok
23:55:33.0343 2368 [ 1E7D07D669A2572B73006FEDE47E173F ] CTEDSPIO C:\WINDOWS\system32\drivers\CTEDSPIO.SYS
23:55:33.0343 2368 CTEDSPIO - ok
23:55:33.0343 2368 [ 1E7D07D669A2572B73006FEDE47E173F ] CTEDSPIO.SYS C:\WINDOWS\System32\drivers\CTEDSPIO.SYS
23:55:33.0359 2368 CTEDSPIO.SYS - ok
23:55:33.0406 2368 [ B70DFA869EE0B63B9FA01B038C886640 ] CTEDSPSY C:\WINDOWS\system32\drivers\CTEDSPSY.SYS
23:55:33.0406 2368 CTEDSPSY - ok
23:55:33.0406 2368 [ B70DFA869EE0B63B9FA01B038C886640 ] CTEDSPSY.SYS C:\WINDOWS\System32\drivers\CTEDSPSY.SYS
23:55:33.0421 2368 CTEDSPSY.SYS - ok
23:55:33.0453 2368 [ 10BC33D886BCD3F0ADD4AAB8051015C1 ] CTERFXFX C:\WINDOWS\system32\drivers\CTERFXFX.SYS
23:55:33.0453 2368 CTERFXFX - ok
23:55:33.0468 2368 [ 10BC33D886BCD3F0ADD4AAB8051015C1 ] CTERFXFX.SYS C:\WINDOWS\System32\drivers\CTERFXFX.SYS
23:55:33.0468 2368 CTERFXFX.SYS - ok
23:55:33.0484 2368 [ 6337BDB64B1B94FAC817A6A9B83B5800 ] CTEXFIFX C:\WINDOWS\system32\drivers\CTEXFIFX.SYS
23:55:33.0500 2368 CTEXFIFX - ok
23:55:33.0531 2368 [ 6337BDB64B1B94FAC817A6A9B83B5800 ] CTEXFIFX.SYS C:\WINDOWS\System32\drivers\CTEXFIFX.SYS
23:55:33.0531 2368 CTEXFIFX.SYS - ok
23:55:33.0546 2368 [ A6C62AE40FC06EA5DBCF82AC24F7EA4E ] CTHWIUT C:\WINDOWS\system32\drivers\CTHWIUT.SYS
23:55:33.0546 2368 CTHWIUT - ok
23:55:33.0546 2368 [ A6C62AE40FC06EA5DBCF82AC24F7EA4E ] CTHWIUT.SYS C:\WINDOWS\System32\drivers\CTHWIUT.SYS
23:55:33.0546 2368 CTHWIUT.SYS - ok
23:55:33.0562 2368 [ DA5EA613E3E77E64D7191BB85675DC45 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys
23:55:33.0562 2368 ctprxy2k - ok
23:55:33.0578 2368 [ 6EA007E24F959FC3CC342AEE53838A38 ] CTSBLFX C:\WINDOWS\system32\drivers\CTSBLFX.SYS
23:55:33.0578 2368 CTSBLFX - ok
23:55:33.0593 2368 [ 6EA007E24F959FC3CC342AEE53838A38 ] CTSBLFX.SYS C:\WINDOWS\System32\drivers\CTSBLFX.SYS
23:55:33.0593 2368 CTSBLFX.SYS - ok
23:55:33.0625 2368 [ 8CC0D8A826974A2FDE2D24B2739AD177 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys
23:55:33.0625 2368 ctsfm2k - ok
23:55:33.0625 2368 dac2w2k - ok
23:55:33.0625 2368 dac960nt - ok
23:55:33.0687 2368 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
23:55:33.0703 2368 DcomLaunch - ok
23:55:33.0734 2368 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
23:55:33.0734 2368 Dhcp - ok
23:55:33.0796 2368 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
23:55:33.0796 2368 Disk - ok
23:55:33.0796 2368 dmadmin - ok
23:55:33.0843 2368 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
23:55:33.0859 2368 dmboot - ok
23:55:33.0859 2368 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
23:55:33.0875 2368 dmio - ok
23:55:33.0875 2368 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
23:55:33.0890 2368 dmload - ok
23:55:33.0906 2368 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
23:55:33.0906 2368 dmserver - ok
23:55:33.0953 2368 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
23:55:33.0953 2368 DMusic - ok
23:55:33.0984 2368 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
23:55:33.0984 2368 Dnscache - ok
23:55:34.0000 2368 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
23:55:34.0000 2368 Dot3svc - ok
23:55:34.0000 2368 dpti2o - ok
23:55:34.0015 2368 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
23:55:34.0015 2368 drmkaud - ok
23:55:34.0031 2368 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
23:55:34.0031 2368 EapHost - ok
23:55:34.0062 2368 [ DCF87151C15F56B4ECEA370E94CA1297 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys
23:55:34.0062 2368 emupia - ok
23:55:34.0078 2368 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
23:55:34.0078 2368 ERSvc - ok
23:55:34.0125 2368 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
23:55:34.0125 2368 Eventlog - ok
23:55:34.0156 2368 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
23:55:34.0156 2368 EventSystem - ok
23:55:34.0187 2368 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
23:55:34.0187 2368 Fastfat - ok
23:55:34.0218 2368 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:55:34.0234 2368 FastUserSwitchingCompatibility - ok
23:55:34.0234 2368 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
23:55:34.0234 2368 Fdc - ok
23:55:34.0250 2368 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
23:55:34.0250 2368 Fips - ok
23:55:34.0265 2368 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:55:34.0265 2368 Flpydisk - ok
23:55:34.0312 2368 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
23:55:34.0312 2368 FltMgr - ok
23:55:34.0312 2368 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:55:34.0312 2368 Fs_Rec - ok
23:55:34.0328 2368 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:55:34.0328 2368 Ftdisk - ok
23:55:34.0359 2368 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
23:55:34.0359 2368 gameenum - ok
23:55:34.0390 2368 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:55:34.0390 2368 Gpc - ok
23:55:34.0406 2368 [ 36322CD973A20F189422BC25562142D7 ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys
23:55:34.0421 2368 ha10kx2k - ok
23:55:34.0468 2368 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:55:34.0468 2368 HDAudBus - ok
23:55:34.0515 2368 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:55:34.0515 2368 helpsvc - ok
23:55:34.0515 2368 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
23:55:34.0515 2368 HidServ - ok
23:55:34.0531 2368 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:55:34.0531 2368 hidusb - ok
23:55:34.0562 2368 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
23:55:34.0578 2368 hkmsvc - ok
23:55:34.0578 2368 hpn - ok
23:55:34.0609 2368 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
23:55:34.0609 2368 HTTP - ok
23:55:34.0640 2368 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
23:55:34.0656 2368 HTTPFilter - ok
23:55:34.0656 2368 i2omgmt - ok
23:55:34.0671 2368 i2omp - ok
23:55:34.0703 2368 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
23:55:34.0703 2368 i8042prt - ok
23:55:34.0718 2368 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
23:55:34.0718 2368 Imapi - ok
23:55:34.0765 2368 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
23:55:34.0765 2368 ImapiService - ok
23:55:34.0781 2368 ini910u - ok
23:55:34.0781 2368 IntelIde - ok
23:55:34.0828 2368 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
23:55:34.0828 2368 Ip6Fw - ok
23:55:34.0859 2368 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:55:34.0859 2368 IpFilterDriver - ok
23:55:34.0875 2368 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:55:34.0875 2368 IpInIp - ok
23:55:34.0906 2368 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:55:34.0906 2368 IpNat - ok
23:55:34.0937 2368 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:55:34.0937 2368 IPSec - ok
23:55:34.0968 2368 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
23:55:34.0968 2368 IRENUM - ok
23:55:35.0000 2368 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:55:35.0000 2368 isapnp - ok
23:55:35.0000 2368 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:55:35.0000 2368 Kbdclass - ok
23:55:35.0015 2368 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:55:35.0015 2368 kbdhid - ok
23:55:35.0062 2368 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
23:55:35.0062 2368 kmixer - ok
23:55:35.0078 2368 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
23:55:35.0078 2368 KSecDD - ok
23:55:35.0109 2368 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
23:55:35.0125 2368 LanmanServer - ok
23:55:35.0171 2368 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:55:35.0171 2368 lanmanworkstation - ok
23:55:35.0171 2368 lbrtfdc - ok
23:55:35.0203 2368 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
23:55:35.0203 2368 LmHosts - ok
23:55:35.0250 2368 [ C5EFBD05A5195402121711A6EBBB271F ] LVUSBSta C:\WINDOWS\system32\drivers\lvusbsta.sys
23:55:35.0250 2368 LVUSBSta - ok
23:55:35.0296 2368 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
23:55:35.0296 2368 MBAMSwissArmy - ok
23:55:35.0328 2368 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
23:55:35.0328 2368 Messenger - ok
23:55:35.0343 2368 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
23:55:35.0343 2368 mnmdd - ok
23:55:35.0359 2368 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
23:55:35.0359 2368 mnmsrvc - ok
23:55:35.0375 2368 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
23:55:35.0375 2368 Modem - ok
23:55:35.0421 2368 [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
23:55:35.0421 2368 MotoHelper - ok
23:55:35.0437 2368 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:55:35.0437 2368 Mouclass - ok
23:55:35.0453 2368 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:55:35.0453 2368 mouhid - ok
23:55:35.0468 2368 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
23:55:35.0468 2368 MountMgr - ok
23:55:35.0468 2368 mraid35x - ok
23:55:35.0468 2368 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:55:35.0484 2368 MRxDAV - ok
23:55:35.0515 2368 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:55:35.0531 2368 MRxSmb - ok
23:55:35.0546 2368 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
23:55:35.0546 2368 MSDTC - ok
23:55:35.0578 2368 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:55:35.0578 2368 Msfs - ok
23:55:35.0578 2368 MSIServer - ok
23:55:35.0609 2368 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:55:35.0609 2368 MSKSSRV - ok
23:55:35.0625 2368 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:55:35.0625 2368 MSPCLOCK - ok
23:55:35.0625 2368 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:55:35.0640 2368 MSPQM - ok
23:55:35.0640 2368 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:55:35.0656 2368 mssmbios - ok
23:55:35.0671 2368 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:55:35.0671 2368 MSTEE - ok
23:55:35.0687 2368 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys
23:55:35.0687 2368 ms_mpu401 - ok
23:55:35.0718 2368 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
23:55:35.0718 2368 Mup - ok
23:55:35.0734 2368 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:55:35.0734 2368 NABTSFEC - ok
23:55:35.0750 2368 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
23:55:35.0765 2368 napagent - ok
23:55:35.0781 2368 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
23:55:35.0796 2368 NDIS - ok
23:55:35.0812 2368 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:55:35.0828 2368 NdisIP - ok
23:55:35.0859 2368 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:55:35.0859 2368 NdisTapi - ok
23:55:35.0906 2368 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:55:35.0906 2368 Ndisuio - ok
23:55:35.0937 2368 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:55:35.0937 2368 NdisWan - ok
23:55:35.0968 2368 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:55:35.0968 2368 NDProxy - ok
23:55:36.0015 2368 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:55:36.0015 2368 NetBIOS - ok
23:55:36.0031 2368 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:55:36.0031 2368 NetBT - ok
23:55:36.0062 2368 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
23:55:36.0062 2368 NetDDE - ok
23:55:36.0078 2368 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
23:55:36.0078 2368 NetDDEdsdm - ok
23:55:36.0109 2368 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:55:36.0109 2368 Netlogon - ok
23:55:36.0125 2368 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
23:55:36.0140 2368 Netman - ok
23:55:36.0140 2368 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:55:36.0156 2368 NIC1394 - ok
23:55:36.0203 2368 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
23:55:36.0218 2368 Nla - ok
23:55:36.0218 2368 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:55:36.0218 2368 Npfs - ok
23:55:36.0234 2368 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:55:36.0250 2368 Ntfs - ok
23:55:36.0250 2368 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
23:55:36.0250 2368 NtLmSsp - ok
23:55:36.0265 2368 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
23:55:36.0281 2368 NtmsSvc - ok
23:55:36.0328 2368 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
23:55:36.0328 2368 Null - ok
23:55:36.0625 2368 [ 0DC79B60CEDC3A8854C27B3C6E4B3414 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:55:36.0875 2368 nv - ok
23:55:36.0921 2368 [ C03E15101F6D9E82CD9B0E7D715F5DE3 ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys
23:55:36.0921 2368 nvata - ok
23:55:36.0968 2368 [ 7D275ECDA4628318912F6C945D5CF963 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
23:55:36.0968 2368 NVENETFD - ok
23:55:37.0015 2368 [ B64AACEFAD2BE5BFF5353FE681253C67 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
23:55:37.0015 2368 nvnetbus - ok
23:55:37.0062 2368 [ 971B4344ABA9B79ED0E9D0BB2A5283C1 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
23:55:37.0078 2368 NVSvc - ok
23:55:37.0203 2368 [ 4CDE6D8E0A07DCE9E568F58A5DC8086C ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:55:37.0218 2368 nvUpdatusService - ok
23:55:37.0234 2368 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:55:37.0234 2368 NwlnkFlt - ok
23:55:37.0250 2368 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:55:37.0250 2368 NwlnkFwd - ok
23:55:37.0265 2368 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:55:37.0265 2368 ohci1394 - ok
23:55:37.0296 2368 [ F8F7FE5D67C47C2F1016F7A139E0F664 ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys
23:55:37.0296 2368 ossrv - ok
23:55:37.0296 2368 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
23:55:37.0296 2368 Parport - ok
23:55:37.0312 2368 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
23:55:37.0312 2368 PartMgr - ok
23:55:37.0359 2368 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
23:55:37.0359 2368 ParVdm - ok
23:55:37.0359 2368 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
23:55:37.0359 2368 PCI - ok
23:55:37.0375 2368 PCIDump - ok
23:55:37.0375 2368 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
23:55:37.0375 2368 PCIIde - ok
23:55:37.0406 2368 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
23:55:37.0406 2368 Pcmcia - ok
23:55:37.0421 2368 PDCOMP - ok
23:55:37.0421 2368 PDFRAME - ok
23:55:37.0453 2368 PDRELI - ok
23:55:37.0453 2368 PDRFRAME - ok
23:55:37.0453 2368 perc2 - ok
23:55:37.0468 2368 perc2hib - ok
23:55:37.0515 2368 [ 5BD2C6D982481D548107C602E7CCFBBC ] PID_0928 C:\WINDOWS\system32\DRIVERS\LV561AV.SYS
23:55:37.0531 2368 PID_0928 - ok
23:55:37.0546 2368 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
23:55:37.0546 2368 PlugPlay - ok
23:55:37.0546 2368 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
23:55:37.0562 2368 PolicyAgent - ok
23:55:37.0562 2368 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:55:37.0562 2368 PptpMiniport - ok
23:55:37.0609 2368 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
23:55:37.0625 2368 Processor - ok
23:55:37.0625 2368 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:55:37.0625 2368 ProtectedStorage - ok
23:55:37.0625 2368 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
23:55:37.0640 2368 PSched - ok
23:55:37.0640 2368 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:55:37.0640 2368 Ptilink - ok
23:55:37.0640 2368 ql1080 - ok
23:55:37.0656 2368 Ql10wnt - ok
23:55:37.0656 2368 ql12160 - ok
23:55:37.0656 2368 ql1240 - ok
23:55:37.0671 2368 ql1280 - ok
23:55:37.0687 2368 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:55:37.0687 2368 RasAcd - ok
23:55:37.0718 2368 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:55:37.0734 2368 RasAuto - ok
23:55:37.0750 2368 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:55:37.0765 2368 Rasl2tp - ok
23:55:37.0781 2368 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:55:37.0796 2368 RasMan - ok
23:55:37.0796 2368 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:55:37.0796 2368 RasPppoe - ok
23:55:37.0812 2368 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
23:55:37.0812 2368 Raspti - ok
23:55:37.0828 2368 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:55:37.0843 2368 Rdbss - ok
23:55:37.0843 2368 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:55:37.0843 2368 RDPCDD - ok
23:55:37.0875 2368 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:55:37.0875 2368 rdpdr - ok
23:55:37.0890 2368 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:55:37.0906 2368 RDPWD - ok
23:55:37.0921 2368 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:55:37.0937 2368 RDSessMgr - ok
23:55:37.0953 2368 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
23:55:37.0953 2368 redbook - ok
23:55:38.0000 2368 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:55:38.0000 2368 RemoteAccess - ok
23:55:38.0015 2368 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
23:55:38.0031 2368 RemoteRegistry - ok
23:55:38.0046 2368 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
23:55:38.0046 2368 RpcLocator - ok
23:55:38.0078 2368 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
23:55:38.0093 2368 RpcSs - ok
23:55:38.0125 2368 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
23:55:38.0125 2368 RSVP - ok
23:55:38.0156 2368 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
23:55:38.0156 2368 SamSs - ok
23:55:38.0171 2368 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:55:38.0187 2368 SCardSvr - ok
23:55:38.0218 2368 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:55:38.0234 2368 Schedule - ok
23:55:38.0250 2368 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:55:38.0250 2368 Secdrv - ok
23:55:38.0250 2368 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
23:55:38.0265 2368 seclogon - ok
23:55:38.0281 2368 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
23:55:38.0296 2368 SENS - ok
23:55:38.0312 2368 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
23:55:38.0312 2368 serenum - ok
23:55:38.0328 2368 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
23:55:38.0328 2368 Serial - ok
23:55:38.0359 2368 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:55:38.0359 2368 Sfloppy - ok
23:55:38.0390 2368 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:55:38.0390 2368 SharedAccess - ok
23:55:38.0406 2368 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:55:38.0421 2368 ShellHWDetection - ok
23:55:38.0421 2368 Simbad - ok
23:55:38.0453 2368 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:55:38.0453 2368 SLIP - ok
23:55:38.0468 2368 Sparrow - ok
23:55:38.0484 2368 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:55:38.0484 2368 splitter - ok
23:55:38.0531 2368 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:55:38.0531 2368 Spooler - ok
23:55:38.0578 2368 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:55:38.0578 2368 sr - ok
23:55:38.0609 2368 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
23:55:38.0625 2368 srservice - ok
23:55:38.0640 2368 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:55:38.0656 2368 Srv - ok
23:55:38.0687 2368 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:55:38.0687 2368 SSDPSRV - ok
23:55:38.0718 2368 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:55:38.0734 2368 stisvc - ok
23:55:38.0765 2368 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:55:38.0765 2368 streamip - ok
23:55:38.0781 2368 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:55:38.0796 2368 swenum - ok
23:55:38.0796 2368 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:55:38.0796 2368 swmidi - ok
23:55:38.0796 2368 SwPrv - ok
23:55:38.0812 2368 symc810 - ok
23:55:38.0812 2368 symc8xx - ok
23:55:38.0812 2368 sym_hi - ok
23:55:38.0828 2368 sym_u3 - ok
23:55:38.0828 2368 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:55:38.0843 2368 sysaudio - ok
23:55:38.0875 2368 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:55:38.0890 2368 SysmonLog - ok
23:55:38.0906 2368 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:55:38.0921 2368 TapiSrv - ok
23:55:38.0937 2368 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:55:38.0953 2368 Tcpip - ok
23:55:38.0984 2368 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:55:38.0984 2368 TDPIPE - ok
23:55:39.0000 2368 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:55:39.0000 2368 TDTCP - ok
23:55:39.0031 2368 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:55:39.0031 2368 TermDD - ok
23:55:39.0062 2368 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
23:55:39.0078 2368 TermService - ok
23:55:39.0093 2368 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
23:55:39.0109 2368 Themes - ok
23:55:39.0140 2368 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
23:55:39.0140 2368 TlntSvr - ok
23:55:39.0140 2368 TosIde - ok
23:55:39.0156 2368 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:55:39.0171 2368 TrkWks - ok
23:55:39.0187 2368 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:55:39.0187 2368 Udfs - ok
23:55:39.0187 2368 ultra - ok
23:55:39.0234 2368 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:55:39.0234 2368 Update - ok
23:55:39.0265 2368 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:55:39.0281 2368 upnphost - ok
23:55:39.0296 2368 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
23:55:39.0312 2368 UPS - ok
23:55:39.0359 2368 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:55:39.0359 2368 usbccgp - ok
23:55:39.0375 2368 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:55:39.0375 2368 usbehci - ok
23:55:39.0375 2368 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:55:39.0375 2368 usbhub - ok
23:55:39.0390 2368 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:55:39.0390 2368 usbohci - ok
23:55:39.0421 2368 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:55:39.0421 2368 USBSTOR - ok
23:55:39.0453 2368 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:55:39.0453 2368 VgaSave - ok
23:55:39.0453 2368 ViaIde - ok
23:55:39.0500 2368 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:55:39.0500 2368 VolSnap - ok
23:55:39.0515 2368 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
23:55:39.0531 2368 VSS - ok
23:55:39.0578 2368 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
23:55:39.0578 2368 W32Time - ok
23:55:39.0593 2368 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:55:39.0593 2368 Wanarp - ok
23:55:39.0593 2368 WDICA - ok
23:55:39.0640 2368 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:55:39.0640 2368 wdmaud - ok
23:55:39.0656 2368 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:55:39.0671 2368 WebClient - ok
23:55:39.0765 2368 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:55:39.0796 2368 winmgmt - ok
23:55:39.0859 2368 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
23:55:39.0859 2368 WmdmPmSN - ok
23:55:39.0890 2368 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
23:55:39.0906 2368 Wmi - ok
23:55:39.0937 2368 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:55:39.0937 2368 WmiApSrv - ok
23:55:40.0000 2368 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:55:40.0015 2368 WPFFontCache_v0400 - ok
23:55:40.0046 2368 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
23:55:40.0046 2368 WS2IFSL - ok
23:55:40.0078 2368 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
23:55:40.0093 2368 wscsvc - ok
23:55:40.0093 2368 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:55:40.0093 2368 WSTCODEC - ok
23:55:40.0125 2368 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
23:55:40.0140 2368 wuauserv - ok
23:55:40.0171 2368 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:55:40.0187 2368 WZCSVC - ok
23:55:40.0218 2368 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:55:40.0218 2368 xmlprov - ok
23:55:40.0312 2368 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
23:55:40.0328 2368 YahooAUService - ok
23:55:40.0328 2368 ================ Scan global ===============================
23:55:40.0375 2368 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:55:40.0437 2368 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:55:40.0453 2368 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:55:40.0500 2368 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:55:40.0500 2368 [Global] - ok
23:55:40.0500 2368 ================ Scan MBR ==================================
23:55:40.0531 2368 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:55:40.0656 2368 \Device\Harddisk0\DR0 - ok
23:55:40.0656 2368 ================ Scan VBR ==================================
23:55:40.0671 2368 [ 67BF80636836D97D791E75EBEED09B0C ] \Device\Harddisk0\DR0\Partition1
23:55:40.0671 2368 \Device\Harddisk0\DR0\Partition1 - ok
23:55:40.0671 2368 ============================================================
23:55:40.0671 2368 Scan finished
23:55:40.0671 2368 ============================================================
23:55:40.0687 2236 Detected object count: 0
23:55:40.0687 2236 Actual detected object count: 0
-
I am pretty sure I had Avast turned off the first time. I just tried running OTL again with Avast turned off just to double-check and I get the same error I posted above.
-
Security Check can run:
Results of screen317's Security Check version 0.99.57
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
````````Process Check: objlist.exe by Laurent````````
system32 AvastSvc.exe -?-
system32 AvastUI.exe -?-
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
-
Weird. When I try to run OTL I get an error that OTL has encountered a problem and needs to close: AppName: otl.exe AppVer: 3.2.69.0 ModName: kernel32.dll ModVer: 5.1.2600.6293 Offset: 00012fd3.
What else to try?
<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="OTL.exe" FILTER="GRABMI_FILTER_PRIVACY">
<MATCHING_FILE NAME="Combo-Fix.exe" SIZE="5024203" CHECKSUM="0x153F51EB" BIN_FILE_VERSION="13.1.17.3" BIN_PRODUCT_VERSION="13.1.17.3" FILE_DESCRIPTION="ComboFix NSIS Installer" COMPANY_NAME="Swearware" PRODUCT_NAME="ComboFix" FILE_VERSION="13.01.17.03" ORIGINAL_FILENAME="ComboFix.exe" INTERNAL_NAME="ComboFix.exe" LEGAL_COPYRIGHT="sUBs" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x4CBC43" LINKER_VERSION="0x60000" UPTO_BIN_FILE_VERSION="13.1.17.3" UPTO_BIN_PRODUCT_VERSION="13.1.17.3" LINK_DATE="12/05/2009 22:50:46" UPTO_LINK_DATE="12/05/2009 22:50:46" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="FSS.exe" SIZE="350915" CHECKSUM="0xF3E11884" BIN_FILE_VERSION="3.3.8.1" BIN_PRODUCT_VERSION="3.3.8.1" COMPANY_NAME="Farbar" FILE_VERSION="3.3.8.1" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x0" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.3.8.1" UPTO_BIN_PRODUCT_VERSION="3.3.8.1" LINK_DATE="01/29/2012 21:32:28" UPTO_LINK_DATE="01/29/2012 21:32:28" VER_LANGUAGE="English (United Kingdom) [0x809]" />
<MATCHING_FILE NAME="mbam-setup-1.70.0.1100 (1).exe" SIZE="10156344" CHECKSUM="0xD093988F" BIN_FILE_VERSION="1.70.0.1100" BIN_PRODUCT_VERSION="1.70.0.1100" PRODUCT_VERSION="1.70.0.1100 " FILE_DESCRIPTION="Malwarebytes Anti-Malware " COMPANY_NAME="Malwarebytes Corporation " PRODUCT_NAME="Malwarebytes Anti-Malware " FILE_VERSION="1.70.0.1100 " LEGAL_COPYRIGHT="© Malwarebytes Corporation. All rights reserved. " VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x9BCA46" LINKER_VERSION="0x60000" UPTO_BIN_FILE_VERSION="1.70.0.1100" UPTO_BIN_PRODUCT_VERSION="1.70.0.1100" LINK_DATE="06/19/1992 22:22:17" UPTO_LINK_DATE="06/19/1992 22:22:17" VER_LANGUAGE="Language Neutral [0x0]" />
<MATCHING_FILE NAME="OTL.exe" SIZE="602112" CHECKSUM="0xABD80C51" BIN_FILE_VERSION="3.2.69.0" BIN_PRODUCT_VERSION="3.2.69.0" PRODUCT_VERSION="3.0.0.0" FILE_DESCRIPTION="" COMPANY_NAME="OldTimer Tools" PRODUCT_NAME="OTL" FILE_VERSION="3.2.69.0" ORIGINAL_FILENAME="OTL.exe" INTERNAL_NAME="OTL.exe" LEGAL_COPYRIGHT="" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xA0F87" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.2.69.0" UPTO_BIN_PRODUCT_VERSION="3.2.69.0" LINK_DATE="06/19/1992 22:22:17" UPTO_LINK_DATE="06/19/1992 22:22:17" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="RogueKiller.exe" SIZE="764416" CHECKSUM="0xF23384DE" BIN_FILE_VERSION="8.4.3.0" BIN_PRODUCT_VERSION="8.4.3.0" PRODUCT_VERSION="8.4.3" FILE_DESCRIPTION="RogueKiller by Tigzy" COMPANY_NAME="Tigzy" PRODUCT_NAME="RogueKiller" FILE_VERSION="8.4.3" ORIGINAL_FILENAME="RogueKiller" INTERNAL_NAME="RogueKiller" LEGAL_COPYRIGHT="Tigzy" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="8.4.3.0" UPTO_BIN_PRODUCT_VERSION="8.4.3.0" LINK_DATE="01/10/2013 06:06:37" UPTO_LINK_DATE="01/10/2013 06:06:37" VER_LANGUAGE="French (France) [0x40c]" />
<MATCHING_FILE NAME="RSIT.exe" SIZE="781383" CHECKSUM="0xC93246C1" BIN_FILE_VERSION="3.3.6.1" BIN_PRODUCT_VERSION="3.3.6.1" FILE_DESCRIPTION="" FILE_VERSION="3, 3, 6, 1" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x0" MODULE_TYPE="WIN32" PE_CHECKSUM="0xC44A2" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.3.6.1" UPTO_BIN_PRODUCT_VERSION="3.3.6.1" LINK_DATE="04/16/2010 07:47:33" UPTO_LINK_DATE="04/16/2010 07:47:33" VER_LANGUAGE="English (United Kingdom) [0x809]" />
<MATCHING_FILE NAME="SecurityCheck.exe" SIZE="881914" CHECKSUM="0xF78B0FEB" MODULE_TYPE="WIN32" PE_CHECKSUM="0x236E4" LINKER_VERSION="0x0" LINK_DATE="03/15/2010 06:27:50" UPTO_LINK_DATE="03/15/2010 06:27:50" />
<MATCHING_FILE NAME="VEW.exe" SIZE="61440" CHECKSUM="0x5D3B730F" BIN_FILE_VERSION="1.0.0.4" BIN_PRODUCT_VERSION="1.0.0.4" PRODUCT_VERSION="1.00.0004" FILE_DESCRIPTION="Windows Event Viewer - Reports from 1 to 20 of the last events or between two dates." COMPANY_NAME=" " PRODUCT_NAME="Vino's Event Viewer" FILE_VERSION="1.00.0004" ORIGINAL_FILENAME="VEWv01c.exe" INTERNAL_NAME="VEWv01c" LEGAL_COPYRIGHT="Fill Your Boots!" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF529" LINKER_VERSION="0x10000" UPTO_BIN_FILE_VERSION="1.0.0.4" UPTO_BIN_PRODUCT_VERSION="1.0.0.4" LINK_DATE="08/10/2009 21:02:23" UPTO_LINK_DATE="08/10/2009 21:02:23" VER_LANGUAGE="English (United States) [0x409]" />
</EXE>
<EXE NAME="kernel32.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
<MATCHING_FILE NAME="kernel32.dll" SIZE="990208" CHECKSUM="0xCC2C4544" BIN_FILE_VERSION="5.1.2600.6293" BIN_PRODUCT_VERSION="5.1.2600.6293" PRODUCT_VERSION="5.1.2600.6293" FILE_DESCRIPTION="Windows NT BASE API Client DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.6293 (xpsp_sp3_gdr.121001-1622)" ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xFBCBC" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.6293" UPTO_BIN_PRODUCT_VERSION="5.1.2600.6293" LINK_DATE="10/03/2012 04:58:13" UPTO_LINK_DATE="10/03/2012 04:58:13" VER_LANGUAGE="English (United States) [0x409]" />
</EXE>
</DATABASE>
-
I just tried disabling anti-virus and trying to run VEW and I got the same error. Downloading and running OTL now.
-
Good morning. Yes I was able to successfully complete the SFC run.
-
I tried to run VEW following your instructions but I get the following error: "Run-time error '429': ActiveX component can't create object." So what now?
-
Also I noticed that the Internet Explorer icon appeared on my desktop now.
-
It seems that Windows starts up significantly faster and applications load faster as well after I ran ComboFix and restarted. What should I do now?
-
ComboFix 13-01-17.03 - Jason 01/17/2013 20:32:22.1.2 - x86
Running from: c:\documents and settings\Jason\Desktop\Combo-Fix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\regedit.com
.
.
((((((((((((((((((((((((( Files Created from 2012-12-18 to 2013-01-18 )))))))))))))))))))))))))))))))
.
.
2013-01-12 22:30 . 2013-01-13 21:41 -------- d-----w- c:\program files\ERUNT
2013-01-12 21:53 . 2013-01-12 21:53 -------- d--h--w- c:\windows\PIF
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 12:23 . 2008-04-14 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 01:25 . 2008-04-14 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01 . 2008-04-14 12:00 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02 . 2008-04-14 12:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2012-10-30 23:51 . 2011-08-07 20:45 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2011-08-07 20:45 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2011-08-07 20:45 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2011-08-07 20:45 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 23:51 . 2011-08-07 20:45 199320 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-10-30 23:51 . 2011-08-07 20:45 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-10-30 23:51 . 2011-08-07 20:45 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-10-30 23:51 . 2012-02-25 15:47 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-10-30 23:51 . 2011-08-07 20:45 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2011-08-07 20:45 106560 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-10-30 23:51 . 2011-08-07 20:45 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-10-30 23:51 . 2011-08-07 20:45 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2011-08-07 20:45 227648 ----a-w- c:\windows\system32\aswBoot.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2008-03-20 31232]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-05-25 6595928]
"Aim"="c:\program files\AIM\aim.exe" [2012-05-30 4331392]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Update Checker"="c:\program files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe" [2009-12-28 121472]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"CTHelper"="CTHELPER.EXE" [2008-03-20 23040]
"CTxfiHlp"="CTXFIHLP.EXE" [2008-03-20 23552]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-10 15494464]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-02-10 1634112]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="c:\windows\system32\sti_ci.dll" [2008-04-14 136704]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [x]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS [x]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [x]
R3 CTEAPSFX.SYS;CTEAPSFX.SYS;c:\windows\System32\drivers\CTEAPSFX.SYS [x]
R3 CTEAPSFX;CTEAPSFX;c:\windows\system32\drivers\CTEAPSFX.SYS [x]
R3 CTEDSPFX.SYS;CTEDSPFX.SYS;c:\windows\System32\drivers\CTEDSPFX.SYS [x]
R3 CTEDSPFX;CTEDSPFX;c:\windows\system32\drivers\CTEDSPFX.SYS [x]
R3 CTEDSPIO;CTEDSPIO;c:\windows\system32\drivers\CTEDSPIO.SYS [x]
R3 CTEDSPSY;CTEDSPSY;c:\windows\system32\drivers\CTEDSPSY.SYS [x]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS [x]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [x]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS [x]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [x]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS [x]
S3 CTEDSPIO.SYS;CTEDSPIO.SYS;c:\windows\System32\drivers\CTEDSPIO.SYS [x]
S3 CTEDSPSY.SYS;CTEDSPSY.SYS;c:\windows\System32\drivers\CTEDSPSY.SYS [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-25 01:28]
.
2013-01-18 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-02 23:50]
.
2013-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-220523388-1801674531-1003Core.job
- c:\documents and settings\Jason\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-07 20:39]
.
2013-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-220523388-1801674531-1003UA.job
- c:\documents and settings\Jason\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-07 20:39]
.
2012-12-31 c:\windows\Tasks\MotoHelper MUM.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2013-01-17 c:\windows\Tasks\MotoHelper Routing.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2012-12-31 c:\windows\Tasks\MotoHelper Update.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
AddRemove-SoftwareUpdUtility - c:\program files\Common Files\Software Update Utility\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-17 20:36
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
Completion time: 2013-01-17 20:37:37
ComboFix-quarantined-files.txt 2013-01-18 01:37
.
Pre-Run: 289,124,982,784 bytes free
Post-Run: 289,311,776,768 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 50A89E82AB533367D0CFAE2C28F0171C
-
I just went through the setup for Malwarebytes and unfortunately I get the same exact errors as before: "CoCreateInstance failed; code 0x80040154. Class not registered." pops up 5 times at the end and then the "run-time error 372. Failed to load control 'WebBrowser' from ieframe.dll. Your version of ieframe.dll may be outdated. Make sure you are using the version of the control that was provided with your application." when I try to open Malwarebytes.
Any other ideas?
-
The Junkware removal tool is good since it looks like it repaired and removed a few things that nothing else picked up.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.3 (01.15.2013:1)
OS: Microsoft Windows XP x86
Ran by Jason on Wed 01/16/2013 at 22:24:18.39
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\freeze.com
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\dnu.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdate
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files\Common Files\software update utility"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/16/2013 at 22:30:09.20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Farbar Service Scanner Version: 16-01-2013
Ran by Jason (administrator) on 15-01-2013 at 21:40:11
Running from "C:\Documents and Settings\Jason\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
aswFW(9) aswTdi(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x09000000050000000100000002000000030000000400000009000000080000000600000007000000
IpSec Tag value is correct.
**** End of log ****
-
I still cannot run Malwarebytes even though it says it's installed. I'm still seeing:
Run-time error '372.'
Failed to load control 'WebBrowser' from ieframe.dll. Your version of ieframe.dll may be outdated. Make sure you are using the version of the control that was provided with the application.
Cannot install malwarebytes
in Resolved Malware Removal Logs
Posted
Hmmm, I didn't see error 372 directly addressed in those forums.
I already have Path in environment variables with the following value - %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
Should I just overwrite it with C:\WINDOWS\system32?
Also I opened a ticket on the help desk. Let me know when you guys receive that. Thanks