camper65 Posted November 3, 2012 ID:609327 Share Posted November 3, 2012 I working on a friend's notebook who a few weeks ago found that it was very slow. She's not sure what she was doing but it just became unusable. I've run Spybot Search and Destroy which found just a batch of cookies (expected that) and MBAM didn't find anything with two scans done. I ran Hijackthis to see if someone can find what could be causing extreme slowness. Is this machine infected?She is running Windows XP, SP3, it's updated except for the lastest IE8 security update which it cannot seem to update. She has 512 MB of memory (with a request that she add some more) but that doesn't explain the change in speed of the machine. She did download, pay for and install fixcleaner (which I never had heard of) to see if she could fix it herself.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:07:48 PM, on 11/1/2012Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exeC:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exeC:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeC:\WINDOWS\system32\mfevtps.exeC:\Program Files\McAfee Online Backup\MOBK755backup.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exeC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exeC:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exeC:\Program Files\AVG Secure Search\vprot.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\FixCleaner\FixCleaner.exeC:\Program Files\DriverUpdate\DriverUpdate.exeC:\Program Files\Sony Corporation\Image Transfer\SonyTray.exeC:\Program Files\Microsoft Office\Office\FINDFAST.EXEC:\Program Files\Microsoft Office\Office\OSA.EXEC:\QUICKENW\QWDLLS.EXEC:\PROGRA~1\hpq\Shared\HPQTOA~1.EXEC:\WINDOWS\system32\wuauclt.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Spybot - Search & Destroy\SpybotSD.exeC:\PROGRA~1\McAfee\MSC\McSync.exec:\PROGRA~1\mcafee\SITEAD~1\saUpd.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s%sR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dllO2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dllO2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120820092718.dllO2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dllO2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dllO3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dllO3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dllO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exeO4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exeO4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeO4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeyO4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [FixCleaner] C:\Program Files\FixCleaner\FixCleaner.exe -bootO4 - HKCU\..\Run: [DriverUpdate] "C:\Program Files\DriverUpdate\DriverUpdate.exe" -bootO4 - Global Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXEO4 - Global Startup: Image Transfer.lnk = ?O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXEO4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXEO4 - Global Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXEO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dllO18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dllO18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dllO18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dllO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exeO23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeO23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeO23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeO23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeO23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeO23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exeO23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeO23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exeO23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exeO23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exeO23 - Service: McAfee Online Backup Service (MOBK755backup) - McAfee, Inc. - C:\Program Files\McAfee Online Backup\MOBK755backup.exeO23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exeO23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exeO23 - Service: vToolbarUpdater12.1.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exeAttached are also the MBAM and Spybot logs from the last scans I did.mbam-log-2012-11-01 (15-39-10).txtSpybotSD.Report.txt Link to post Share on other sites More sharing options...
MrCharlie Posted November 3, 2012 ID:609359 Share Posted November 3, 2012 Welcome to the forum, please start at the link below:http://forums.malwar...?showtopic=9573Post back the 2 logs here.....DDS.txt and Attach.txt<====><====><====><====><====><====><====><====>Next.......Please remove any usb or external drives from the computer before you run this scan!Quit all running programs.Please download and run RogueKiller to your desktop.For Windows XP, double-click to start.For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.Click Scan to scan the system. When the scan completes > Close out the program > Don't Fix anything!Don't run any other options, they're not all bad!!!!!!!Post back the report which should be located on your desktop.MrC------->Your topic will be closed if you haven't replied within 3 days!<-------- Link to post Share on other sites More sharing options...
camper65 Posted November 4, 2012 Author ID:609571 Share Posted November 4, 2012 As per your instructions I ran the programs and have attached the one file and posted the other two reports. Please let me know if you see anything that is affecting her machine. If not, the next step for me would be to do major testing of the memory in the machine (the present chip) and test when we get the new chip (trying to upgrade her amount of memory). Thanks again.This is the first of the DDS files, the other one is attached as a zip fileDDS (Ver_2012-10-19.01) - NTFS_x86Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1Run by Owner at 12:19:47 on 2012-11-04.============== Running Processes ================.C:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\SCardSvr.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exeC:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeC:\WINDOWS\system32\mfevtps.exeC:\Program Files\McAfee Online Backup\MOBK755backup.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exeC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exeC:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exeC:\Program Files\AVG Secure Search\vprot.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\FixCleaner\FixCleaner.exeC:\Program Files\DriverUpdate\DriverUpdate.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Program Files\Sony Corporation\Image Transfer\SonyTray.exeC:\Program Files\Microsoft Office\Office\FINDFAST.EXEC:\Program Files\Microsoft Office\Office\OSA.EXEC:\QUICKENW\QWDLLS.EXEC:\PROGRA~1\hpq\Shared\HPQTOA~1.EXEC:\WINDOWS\System32\alg.exeC:\WINDOWS\explorer.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k LocalService.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.com/uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%suURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dllBHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllBHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dllBHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120820092718.dllBHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.1.0.21\AVG Secure Search_toolbar.dllBHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dllBHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dllTB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dllTB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.1.0.21\AVG Secure Search_toolbar.dlluRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exeuRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /backgrounduRun: [FixCleaner] c:\program files\fixcleaner\FixCleaner.exe -bootuRun: [DriverUpdate] "c:\program files\driverupdate\DriverUpdate.exe" -bootmRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exemRun: [DeviceDiscovery] c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exemRun: [igfxtray] c:\windows\system32\igfxtray.exemRun: [igfxpers] c:\windows\system32\igfxpers.exemRun: [igfxhkcmd] c:\windows\system32\hkcmd.exemRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exemRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -kmRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"mRun: [vProt] "c:\program files\avg secure search\vprot.exe"mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkeyuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-Explorer: NoThumbnailCache = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:28mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeDPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351901225171DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: NameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{D1C23877-3C03-4FE1-B9F6-1DAEC9B9F137} : DHCPNameServer = 75.75.75.75 75.75.76.76Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dllHandler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dllHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dllHandler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dllHandler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.1.5\ViProtocol.dllNotify: igfxcui - igfxdev.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll.============= SERVICES / DRIVERS ===============.R? ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet ConverterR? mfendisk;McAfee Core NDIS Intermediate FilterR? mferkdet;McAfee Inc. mferkdetR? SWDUMon;SWDUMonS? avgtp;avgtpS? cfwids;McAfee Inc. cfwidsS? GTIPCI21;GTIPCI21S? McAfee SiteAdvisor Service;McAfee SiteAdvisor ServiceS? McMPFSvc;McAfee Personal Firewall ServiceS? McNaiAnn;McAfee VirusScan AnnouncerS? McProxy;McAfee Proxy ServiceS? McShield;McAfee McShieldS? mfeavfk;McAfee Inc. mfeavfkS? mfebopk;McAfee Inc. mfebopkS? mfefire;McAfee Firewall Core ServiceS? mfefirek;McAfee Inc. mfefirekS? mfehidk;McAfee Inc. mfehidkS? mfendiskmp;mfendiskmpS? mfetdi2k;McAfee Inc. mfetdi2kS? mfevtp;McAfee Validation Trust Protection ServiceS? MOBK755backup;McAfee Online Backup ServiceS? MOBK755Filter;MOBK755FilterS? mrtRate;mrtRateS? vToolbarUpdater12.1.5;vToolbarUpdater12.1.5.=============== Created Last 30 ================.2012-11-01 19:01:33 -------- d-----w- c:\program files\Trend Micro2012-11-01 17:40:12 -------- d-----w- C:\e4dac09a09da8dc777cd5f8a4f2012-10-31 12:21:33 -------- d-----w- c:\windows\pss2012-10-28 12:30:02 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes2012-10-28 12:28:17 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes2012-10-28 12:28:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2012-10-28 12:28:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-10-27 22:55:08 -------- d-----w- c:\program files\Spybot - Search & Destroy2012-10-27 20:09:02 -------- d-----w- C:\483f5c0d14c4ee78282012-10-27 19:45:44 -------- d-----w- c:\windows\system32\XPSViewer2012-10-27 19:36:47 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll2012-10-27 19:29:51 117760 ------w- c:\windows\system32\prntvpt.dll2012-10-27 19:29:50 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll2012-10-27 19:29:49 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe2012-10-27 19:29:49 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe2012-10-27 19:29:46 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll2012-10-27 19:29:46 575488 ------w- c:\windows\system32\xpsshhdr.dll2012-10-27 19:29:38 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll2012-10-27 19:29:38 1676288 ------w- c:\windows\system32\xpssvcs.dll2012-10-27 19:29:21 -------- d-----w- C:\0a8481c6362fa3ca3c55a62012-10-27 18:15:35 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)2012-10-27 18:15:35 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)2012-10-27 18:15:35 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)2012-10-27 18:15:35 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)2012-10-27 18:15:35 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy2012-10-23 13:46:00 3993600 ----a-w- c:\program files\GUT9.tmp2012-10-23 13:46:00 -------- d-----w- c:\program files\GUM8.tmp2012-10-23 13:07:42 -------- d-----w- c:\documents and settings\owner\local settings\application data\Real2012-10-23 13:01:54 -------- d-----w- c:\program files\common files\xing shared2012-10-23 12:36:04 -------- d-----w- c:\program files\The Weather Channel FW2012-10-23 12:33:58 -------- d-----w- c:\documents and settings\owner\local settings\application data\The Weather Channel2012-10-22 19:54:07 -------- d-----w- c:\documents and settings\owner\local settings\application data\Google2012-10-22 19:53:29 4096000 ----a-w- c:\program files\GUT43.tmp2012-10-22 19:53:29 -------- d-----w- c:\program files\GUM42.tmp2012-10-12 23:26:00 96224 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe2012-10-12 23:26:00 157272 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe2012-10-12 23:25:29 29312 ----a-w- c:\program files\mozilla firefox\ScriptFF.dll.==================== Find3M ====================.2012-11-04 17:02:00 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys2012-11-01 18:20:14 13024 ----a-w- c:\windows\system32\drivers\SETE.tmp2012-10-23 12:56:01 348160 ----a-w- c:\windows\system32\msvcr71.dll2012-10-23 12:55:58 499712 ----a-w- c:\windows\system32\msvcp71.dll2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll2012-08-21 13:29:19 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe2012-08-21 12:58:06 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe2012-08-18 21:41:38 143872 ----a-w- c:\windows\system32\javacpl.cpl.============= FINISH: 12:26:16.54 ===============This one is the roguekiller report:RogueKiller V8.2.2 [11/03/2012] by Tigzymail: tigzyRK<at>gmail<dot>comFeedback: http://www.geekstogo...13-roguekiller/Website: http://tigzy.geeksto...roguekiller.phpBlog: http://tigzyrk.blogspot.comOperating System: Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser : Owner [Admin rights]Mode : Scan -- Date : 11/04/2012 12:49:35¤¤¤ Bad processes : 1 ¤¤¤[sUSP PATH] for susan's machine - RogueKiller.exe -- C:\Documents and Settings\Owner\Desktop\run on Susan's machine\for susan's machine - RogueKiller.exe -> KILLED [TermThr]¤¤¤ Registry Entries : 1 ¤¤¤[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\WINDOWS\system32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: TOSHIBA MK8025GAS +++++--- User ---[MBR] 7b1c534463396aa2733efab8aabee4ff[bSP] 7166e01b0afeb0f73e9ab91b34015cd2 : Windows XP MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1]_S_11042012_02d1249.txt >>RKreport[1]_S_11042012_02d1249.txtattach.zip Link to post Share on other sites More sharing options...
MrCharlie Posted November 4, 2012 ID:609576 Share Posted November 4, 2012 Not much showing but lets run some scans.......Please read the directions carefully so you don't end up deleting something that is good!!Please note that TDSSKiller can be run in safe mode if needed.Please download the latest version of TDSSKiller from here and save it to your Desktop.Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.Put a checkmark beside loaded modules.A reboot will be needed to apply the changes. Do it.TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.Then click on Change parameters in TDSSKiller.Check all boxes then click OK.Click the Start Scan button.The scan should take no longer than 2 minutes.If a suspicious object is detected, the default action will be Skip, click on Continue.Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. There may be 3 logs > so post or attach all of them.Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.Here's a summary of what to do if you would like to print it out:If a suspicious object is detected, the default action will be Skip, click on ContinueIf you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please chooseSkip and click on ContinueAny entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.If malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.~~~~~~~~~~~~~~~~~~~~You can attach the logs if they're too long:Bottom right corner of this page.New window that comes up.MrC Link to post Share on other sites More sharing options...
camper65 Posted November 4, 2012 Author ID:609598 Share Posted November 4, 2012 Here are the two logs from TDSSKiller being run. Thanks for your help.First one:13:33:21.0468 2620 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:3513:33:23.0500 2620 ============================================================13:33:23.0500 2620 Current date / time: 2012/11/04 13:33:23.050013:33:23.0500 2620 SystemInfo:13:33:23.0500 2620 13:33:23.0500 2620 OS Version: 5.1.2600 ServicePack: 3.013:33:23.0500 2620 Product type: Workstation13:33:23.0500 2620 ComputerName: OWNER-4D0C6BC6913:33:23.0500 2620 UserName: Owner13:33:23.0500 2620 Windows directory: C:\WINDOWS13:33:23.0500 2620 System windows directory: C:\WINDOWS13:33:23.0500 2620 Processor architecture: Intel x8613:33:23.0500 2620 Number of processors: 113:33:23.0500 2620 Page size: 0x100013:33:23.0500 2620 Boot type: Normal boot13:33:23.0500 2620 ============================================================13:33:31.0734 2620 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2861, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x0000005413:33:31.0859 2620 ============================================================13:33:31.0859 2620 \Device\Harddisk0\DR0:13:33:33.0000 2620 MBR partitions:13:33:33.0000 2620 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C113:33:33.0000 2620 ============================================================13:33:39.0187 2620 C: <-> \Device\Harddisk0\DR0\Partition113:33:39.0187 2620 ============================================================13:33:39.0187 2620 Initialize success13:33:39.0187 2620 ============================================================13:33:53.0625 1632 Deinitialize successsecond one:13:41:26.0968 1992 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:3513:41:28.0968 1992 ============================================================13:41:28.0968 1992 Current date / time: 2012/11/04 13:41:28.096813:41:28.0968 1992 SystemInfo:13:41:28.0968 1992 13:41:28.0968 1992 OS Version: 5.1.2600 ServicePack: 3.013:41:28.0968 1992 Product type: Workstation13:41:28.0968 1992 ComputerName: OWNER-4D0C6BC6913:41:28.0968 1992 UserName: Owner13:41:28.0968 1992 Windows directory: C:\WINDOWS13:41:28.0968 1992 System windows directory: C:\WINDOWS13:41:28.0968 1992 Processor architecture: Intel x8613:41:28.0968 1992 Number of processors: 113:41:28.0968 1992 Page size: 0x100013:41:28.0968 1992 Boot type: Normal boot13:41:28.0968 1992 ============================================================13:41:48.0781 1992 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2861, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x0000005413:41:49.0015 1992 ============================================================13:41:49.0015 1992 \Device\Harddisk0\DR0:13:41:49.0156 1992 MBR partitions:13:41:49.0156 1992 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C113:41:49.0156 1992 ============================================================13:41:50.0593 1992 C: <-> \Device\Harddisk0\DR0\Partition113:41:50.0656 1992 ============================================================13:41:50.0656 1992 Initialize success13:41:50.0656 1992 ============================================================13:47:11.0859 2064 ============================================================13:47:11.0859 2064 Scan started13:47:11.0859 2064 Mode: Manual; SigCheck; TDLFS;13:47:11.0859 2064 ============================================================13:47:16.0468 2064 ================ Scan system memory ========================13:47:16.0468 2064 System memory - ok13:47:16.0468 2064 ================ Scan services =============================13:47:22.0296 2064 92433500 - ok13:47:22.0406 2064 Abiosdsk - ok13:47:22.0578 2064 abp480n5 - ok13:47:23.0015 2064 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys13:48:39.0687 2064 ACPI - ok13:48:54.0875 2064 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys13:48:55.0828 2064 ACPIEC - ok13:48:58.0031 2064 [ B05F2367F62552A2DE7E3C352B7B9885 ] ADM8511 C:\WINDOWS\system32\DRIVERS\ADM8511.SYS13:49:08.0406 2064 ADM8511 - ok13:49:08.0421 2064 adpu160m - ok13:49:10.0937 2064 [ AD707942E4CCB28D77CEE5ED989C9E55 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys13:49:11.0453 2064 aeaudio - ok13:49:12.0640 2064 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys13:49:13.0812 2064 aec - ok13:49:16.0031 2064 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys13:49:19.0296 2064 AFD - ok13:49:22.0312 2064 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys13:49:23.0343 2064 AFS2K - ok13:49:34.0875 2064 [ 029E01CB2938BEC5AF31BF47B6AF0159 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys13:49:42.0484 2064 AgereSoftModem - ok13:49:42.0734 2064 Aha154x - ok13:49:43.0281 2064 aic78u2 - ok13:49:43.0296 2064 aic78xx - ok13:49:45.0421 2064 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll13:49:46.0343 2064 Alerter - ok13:49:46.0500 2064 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe13:49:47.0562 2064 ALG - ok13:49:47.0562 2064 AliIde - ok13:49:47.0640 2064 amsint - ok13:49:48.0640 2064 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll13:49:49.0671 2064 AppMgmt - ok13:49:53.0500 2064 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys13:49:55.0343 2064 Arp1394 - ok13:49:55.0375 2064 asc - ok13:49:55.0406 2064 asc3350p - ok13:49:55.0484 2064 asc3550 - ok13:50:56.0281 2064 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe13:51:11.0609 2064 aspnet_state - ok13:51:15.0906 2064 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys13:52:41.0140 2064 AsyncMac - ok13:52:43.0625 2064 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys13:52:44.0968 2064 atapi - ok13:52:44.0984 2064 Atdisk - ok13:52:45.0375 2064 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys13:52:46.0640 2064 Atmarpc - ok13:52:48.0453 2064 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll13:52:49.0375 2064 AudioSrv - ok13:52:51.0109 2064 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys13:52:52.0000 2064 audstub - ok13:53:01.0062 2064 [ 684DE9D6E62BFB177AABED3C62FDEAB3 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys13:53:06.0765 2064 avgtp - ok13:53:17.0046 2064 [ 2DC524A5D9C4879E7A7CB7100A2D36B4 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys13:53:17.0906 2064 b57w2k - ok13:53:20.0437 2064 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys13:53:21.0312 2064 Beep - ok13:53:24.0546 2064 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll13:53:31.0484 2064 BITS - ok13:53:39.0578 2064 [ A065F048E9E23E6C026A7BB548D126A7 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe13:53:41.0687 2064 Bonjour Service - ok13:53:42.0468 2064 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll13:53:43.0625 2064 Browser - ok13:53:44.0359 2064 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys13:53:44.0984 2064 cbidf2k - ok13:53:45.0140 2064 cd20xrnt - ok13:53:45.0765 2064 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys13:53:46.0609 2064 Cdaudio - ok13:53:48.0093 2064 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys13:53:48.0718 2064 Cdfs - ok13:53:49.0687 2064 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys13:53:50.0109 2064 Cdrom - ok13:53:50.0890 2064 [ 1C7B1E36F3CED9E4B0B13385E627FE8B ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys13:53:50.0984 2064 cfwids - ok13:53:51.0015 2064 Changer - ok13:53:52.0312 2064 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe13:53:53.0656 2064 CiSvc - ok13:53:54.0140 2064 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe13:53:55.0046 2064 ClipSrv - ok13:53:56.0718 2064 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe13:54:06.0796 2064 clr_optimization_v2.0.50727_32 - ok13:54:07.0203 2064 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys13:54:08.0953 2064 CmBatt - ok13:54:08.0953 2064 CmdIde - ok13:54:09.0296 2064 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys13:54:10.0812 2064 Compbatt - ok13:54:10.0875 2064 COMSysApp - ok13:54:11.0906 2064 Cpqarray - ok13:54:16.0812 2064 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll13:54:18.0000 2064 CryptSvc - ok13:54:18.0015 2064 dac2w2k - ok13:54:18.0187 2064 dac960nt - ok13:54:20.0093 2064 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll13:54:23.0156 2064 DcomLaunch - ok13:54:24.0703 2064 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll13:54:26.0171 2064 Dhcp - ok13:54:26.0515 2064 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys13:54:27.0453 2064 Disk - ok13:54:27.0453 2064 dmadmin - ok13:54:34.0093 2064 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys13:54:37.0359 2064 dmboot - ok13:54:43.0515 2064 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys13:54:44.0703 2064 dmio - ok13:54:46.0171 2064 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys13:54:47.0250 2064 dmload - ok13:54:49.0406 2064 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll13:54:54.0796 2064 dmserver - ok13:55:24.0765 2064 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys13:55:25.0703 2064 DMusic - ok13:55:26.0906 2064 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll13:55:30.0203 2064 Dnscache - ok13:55:33.0781 2064 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll13:55:36.0140 2064 Dot3svc - ok13:55:36.0140 2064 dpti2o - ok13:55:36.0343 2064 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys13:55:37.0593 2064 drmkaud - ok13:55:38.0031 2064 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll13:55:39.0453 2064 EapHost - ok13:55:39.0718 2064 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll13:55:40.0796 2064 ERSvc - ok13:55:41.0031 2064 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe13:55:42.0328 2064 Eventlog - ok13:55:43.0750 2064 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll13:55:45.0718 2064 EventSystem - ok13:55:46.0375 2064 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys13:55:46.0765 2064 Fastfat - ok13:55:47.0718 2064 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll13:55:48.0796 2064 FastUserSwitchingCompatibility - ok13:55:49.0250 2064 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys13:55:49.0937 2064 Fdc - ok13:55:50.0218 2064 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys13:55:50.0781 2064 Fips - ok13:55:51.0671 2064 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys13:55:52.0281 2064 Flpydisk - ok13:55:53.0078 2064 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys13:55:53.0937 2064 FltMgr - ok13:55:56.0937 2064 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe13:55:58.0203 2064 FontCache3.0.0.0 - ok13:55:58.0875 2064 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys13:55:59.0609 2064 Fs_Rec - ok13:56:04.0734 2064 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys13:56:05.0343 2064 Ftdisk - ok13:56:05.0609 2064 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys13:56:05.0906 2064 GEARAspiWDM - ok13:56:06.0234 2064 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys13:56:07.0437 2064 Gpc - ok13:56:18.0000 2064 [ B6B1F53F585B41091EB3586F8297A379 ] GTIPCI21 C:\WINDOWS\system32\DRIVERS\gtipci21.sys13:56:19.0109 2064 GTIPCI21 - ok13:56:31.0062 2064 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll13:56:32.0265 2064 helpsvc - ok13:56:32.0421 2064 HidServ - ok13:56:43.0656 2064 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll13:56:45.0296 2064 hkmsvc - ok13:56:45.0328 2064 hpn - ok13:56:50.0296 2064 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys13:56:56.0484 2064 HTTP - ok13:56:58.0718 2064 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll13:56:59.0968 2064 HTTPFilter - ok13:56:59.0968 2064 i2omgmt - ok13:56:59.0984 2064 i2omp - ok13:57:07.0093 2064 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys13:57:07.0484 2064 i8042prt - ok13:57:11.0953 2064 [ 9E52A1C2E2D7660612C52BC282259852 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys13:57:16.0718 2064 ialm - ok13:57:19.0031 2064 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe13:57:24.0546 2064 idsvc - ok13:57:24.0875 2064 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys13:57:25.0500 2064 Imapi - ok13:57:25.0953 2064 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe13:57:27.0093 2064 ImapiService - ok13:57:27.0171 2064 ini910u - ok13:57:27.0390 2064 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys13:57:28.0406 2064 IntelIde - ok13:57:28.0578 2064 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys13:57:29.0625 2064 intelppm - ok13:57:30.0609 2064 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys13:57:31.0859 2064 Ip6Fw - ok13:57:32.0203 2064 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys13:57:33.0000 2064 IpFilterDriver - ok13:57:33.0031 2064 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys13:57:35.0156 2064 IpInIp - ok13:57:36.0156 2064 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys13:57:38.0171 2064 IpNat - ok13:57:41.0578 2064 [ D8389F60EC63FB8197772349E82B5BB7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe13:57:47.0031 2064 iPod Service - ok13:57:47.0671 2064 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys13:57:49.0859 2064 IPSec - ok13:57:50.0843 2064 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys13:57:55.0890 2064 irda - ok13:57:56.0656 2064 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys13:57:59.0281 2064 IRENUM - ok13:57:59.0531 2064 [ 49CC4533CE897CB2E93C1E84A818FDE5 ] Irmon C:\WINDOWS\System32\irmon.dll13:58:00.0968 2064 Irmon - ok13:58:01.0765 2064 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys13:58:03.0078 2064 isapnp - ok13:58:04.0000 2064 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe13:58:04.0281 2064 JavaQuickStarterService - ok13:58:05.0031 2064 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys13:58:05.0453 2064 Kbdclass - ok13:58:07.0968 2064 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys13:58:08.0703 2064 kmixer - ok13:58:10.0265 2064 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys13:58:11.0250 2064 KSecDD - ok13:58:12.0531 2064 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll13:58:13.0312 2064 LanmanServer - ok13:58:14.0718 2064 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll13:58:15.0359 2064 lanmanworkstation - ok13:58:15.0406 2064 lbrtfdc - ok13:58:17.0343 2064 [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe13:58:18.0437 2064 LightScribeService ( UnsignedFile.Multi.Generic ) - warning13:58:19.0062 2064 LightScribeService - detected UnsignedFile.Multi.Generic (1)13:58:32.0765 2064 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll13:58:33.0343 2064 LmHosts - ok13:58:41.0156 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe13:58:42.0187 2064 McAfee SiteAdvisor Service - ok13:58:43.0578 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McMPFSvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe13:58:43.0609 2064 McMPFSvc - ok13:58:44.0937 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] mcmscsvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe13:58:45.0125 2064 mcmscsvc - ok13:58:45.0609 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNaiAnn C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe13:58:50.0187 2064 McNaiAnn - ok13:58:52.0500 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNASvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe13:58:53.0468 2064 McNASvc - ok13:58:57.0843 2064 [ B3CD9ADE1C2665124CA34125B331B0B4 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe13:59:00.0203 2064 McODS - ok13:59:10.0031 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McProxy C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe13:59:10.0203 2064 McProxy - ok13:59:13.0531 2064 [ 593FA4C378818ECE76BA64A11AD56CF2 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe13:59:14.0453 2064 McShield - ok13:59:17.0703 2064 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll13:59:52.0578 2064 Messenger - ok13:59:56.0046 2064 [ 43C31BDF404A6D7A7AC1BFD5EAD2A566 ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys13:59:56.0687 2064 mfeapfk - ok13:59:57.0812 2064 [ C1DC5F42D3367F33B6451BE78B38BD46 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys13:59:58.0609 2064 mfeavfk - ok13:59:58.0687 2064 mfeavfk01 - ok13:59:59.0546 2064 [ 0435C43F4C2BE01B84868AD2A906397B ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys13:59:59.0734 2064 mfebopk - ok14:00:01.0968 2064 [ 7E1F8B1BDC8240F08BD358B3A466C005 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe14:00:06.0765 2064 mfefire - ok14:00:08.0921 2064 [ 4EA6FF90015424517843E931448E00F1 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys14:00:10.0921 2064 mfefirek - ok14:00:18.0000 2064 [ D1E998748BA24A731106611D535C6BBF ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys14:00:20.0265 2064 mfehidk - ok14:00:21.0875 2064 [ 26C76D10ED650E6492800D6F081ECFBA ] mfendisk C:\WINDOWS\system32\DRIVERS\mfendisk.sys14:00:26.0015 2064 mfendisk - ok14:00:26.0625 2064 [ 26C76D10ED650E6492800D6F081ECFBA ] mfendiskmp C:\WINDOWS\system32\DRIVERS\mfendisk.sys14:00:26.0687 2064 mfendiskmp - ok14:00:27.0703 2064 [ F454A13377F0A006D20A8C14A753C432 ] mferkdet C:\WINDOWS\system32\drivers\mferkdet.sys14:00:28.0734 2064 mferkdet - ok14:00:29.0265 2064 [ 070D3FAF2EAC417C59D8674A8752F7A6 ] mfetdi2k C:\WINDOWS\system32\drivers\mfetdi2k.sys14:00:29.0750 2064 mfetdi2k - ok14:00:31.0015 2064 [ B10C4EFD40810C08F4B44DF2EFCB54F7 ] mfevtp C:\WINDOWS\system32\mfevtps.exe14:00:34.0906 2064 mfevtp - ok14:00:35.0125 2064 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys14:00:36.0828 2064 mnmdd - ok14:00:37.0296 2064 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe14:00:39.0156 2064 mnmsrvc - ok14:00:43.0218 2064 [ D691B1E7B797778DBB831FFC5CFC39F1 ] MOBK755backup C:\Program Files\McAfee Online Backup\MOBK755backup.exe14:00:44.0250 2064 MOBK755backup - ok14:00:44.0859 2064 [ 720F2E1759526EC6D6D95CB284CF62D9 ] MOBK755Filter C:\WINDOWS\system32\DRIVERS\MOBK755.sys14:00:45.0843 2064 MOBK755Filter - ok14:00:47.0828 2064 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys14:00:48.0687 2064 Modem - ok14:00:49.0093 2064 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys14:00:55.0281 2064 Mouclass - ok14:00:57.0937 2064 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys14:00:59.0359 2064 MountMgr - ok14:00:59.0453 2064 mraid35x - ok14:01:00.0250 2064 [ 6075DE2AD531F6E30C9995DFDA22001F ] mrtRate C:\WINDOWS\system32\drivers\mrtRate.sys14:01:00.0687 2064 mrtRate ( UnsignedFile.Multi.Generic ) - warning14:01:00.0687 2064 mrtRate - detected UnsignedFile.Multi.Generic (1)14:01:02.0000 2064 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys14:01:03.0000 2064 MRxDAV - ok14:01:04.0859 2064 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys14:01:08.0546 2064 MRxSmb - ok14:01:09.0093 2064 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe14:01:17.0453 2064 MSDTC - ok14:01:18.0109 2064 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys14:01:20.0015 2064 Msfs - ok14:01:20.0125 2064 MSIServer - ok14:01:20.0546 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] MSK80Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe14:01:22.0890 2064 MSK80Service - ok14:01:24.0140 2064 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys14:01:25.0718 2064 MSKSSRV - ok14:01:26.0437 2064 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys14:01:27.0234 2064 MSPCLOCK - ok14:01:27.0546 2064 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys14:01:33.0453 2064 MSPQM - ok14:01:33.0656 2064 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys14:01:34.0437 2064 mssmbios - ok14:01:35.0250 2064 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys14:01:35.0921 2064 Mup - ok14:01:37.0078 2064 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll14:01:38.0515 2064 napagent - ok14:01:40.0875 2064 [ 0D01287D85B3715FA8270E8EC919B7F7 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe14:01:46.0484 2064 NBService ( UnsignedFile.Multi.Generic ) - warning14:01:46.0484 2064 NBService - detected UnsignedFile.Multi.Generic (1)14:01:48.0234 2064 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys14:01:51.0062 2064 NDIS - ok14:01:56.0546 2064 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys14:01:57.0500 2064 NdisTapi - ok14:01:57.0828 2064 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys14:01:58.0546 2064 Ndisuio - ok14:01:58.0968 2064 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys14:02:00.0140 2064 NdisWan - ok14:02:00.0765 2064 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys14:02:01.0359 2064 NDProxy - ok14:02:02.0156 2064 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys14:02:02.0937 2064 NetBIOS - ok14:02:03.0343 2064 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys14:02:04.0187 2064 NetBT - ok14:02:04.0718 2064 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe14:02:05.0156 2064 NetDDE - ok14:02:05.0437 2064 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe14:02:06.0062 2064 NetDDEdsdm - ok14:02:06.0203 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe14:02:06.0656 2064 Netlogon - ok14:02:07.0218 2064 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll14:02:07.0843 2064 Netman - ok14:02:10.0296 2064 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe14:02:10.0984 2064 NetTcpPortSharing - ok14:02:11.0187 2064 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys14:02:11.0531 2064 NIC1394 - ok14:02:11.0859 2064 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll14:02:12.0328 2064 Nla - ok14:02:13.0265 2064 [ C4EBBBD7165BE535F0BFD06B80601D91 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe14:02:13.0671 2064 NMIndexingService ( UnsignedFile.Multi.Generic ) - warning14:02:13.0671 2064 NMIndexingService - detected UnsignedFile.Multi.Generic (1)14:02:14.0828 2064 [ CD2FE9C33CFD0FE0AF124E05907E5C3D ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe14:02:16.0343 2064 nmservice - ok14:02:16.0421 2064 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys14:02:17.0015 2064 Npfs - ok14:02:17.0921 2064 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys14:02:19.0468 2064 Ntfs - ok14:02:19.0515 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe14:02:19.0953 2064 NtLmSsp - ok14:02:20.0531 2064 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll14:02:21.0515 2064 NtmsSvc - ok14:02:21.0546 2064 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys14:02:22.0031 2064 Null - ok14:02:22.0187 2064 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys14:02:22.0390 2064 NwlnkFlt - ok14:02:22.0406 2064 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys14:02:22.0593 2064 NwlnkFwd - ok14:02:22.0656 2064 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys14:02:23.0281 2064 ohci1394 - ok14:02:23.0375 2064 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys14:02:24.0765 2064 Parport - ok14:02:24.0796 2064 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys14:02:25.0250 2064 PartMgr - ok14:02:25.0468 2064 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys14:02:25.0828 2064 ParVdm - ok14:02:26.0406 2064 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys14:02:26.0781 2064 PCI - ok14:02:26.0781 2064 PCIDump - ok14:02:27.0000 2064 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys14:02:27.0593 2064 PCIIde - ok14:02:27.0781 2064 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys14:02:28.0109 2064 Pcmcia - ok14:02:28.0125 2064 PDCOMP - ok14:02:28.0171 2064 PDFRAME - ok14:02:28.0171 2064 PDRELI - ok14:02:28.0250 2064 PDRFRAME - ok14:02:28.0250 2064 perc2 - ok14:02:28.0265 2064 perc2hib - ok14:02:28.0453 2064 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe14:02:28.0625 2064 PlugPlay - ok14:02:28.0781 2064 [ CE27FC8BDC54B3AC63D53E2D5F6CC929 ] pnarp C:\WINDOWS\system32\DRIVERS\pnarp.sys14:02:28.0875 2064 pnarp - ok14:02:28.0906 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe14:02:29.0187 2064 PolicyAgent - ok14:02:29.0312 2064 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys14:02:30.0500 2064 PptpMiniport - ok14:02:30.0671 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe14:02:31.0078 2064 ProtectedStorage - ok14:02:31.0203 2064 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys14:02:31.0656 2064 PSched - ok14:02:31.0796 2064 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys14:02:32.0984 2064 Ptilink - ok14:02:33.0250 2064 [ F4FD591E86ECB6B5D000C7D6C987416B ] purendis C:\WINDOWS\system32\DRIVERS\purendis.sys14:02:33.0671 2064 purendis - ok14:02:33.0750 2064 ql1080 - ok14:02:33.0890 2064 Ql10wnt - ok14:02:33.0968 2064 ql12160 - ok14:02:33.0984 2064 ql1240 - ok14:02:34.0046 2064 ql1280 - ok14:02:34.0359 2064 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys14:02:34.0703 2064 RasAcd - ok14:02:34.0984 2064 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll14:02:35.0500 2064 RasAuto - ok14:02:35.0656 2064 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys14:02:36.0062 2064 Rasirda - ok14:02:36.0109 2064 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys14:02:36.0375 2064 Rasl2tp - ok14:02:36.0812 2064 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll14:02:37.0640 2064 RasMan - ok14:02:37.0687 2064 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys14:02:37.0984 2064 RasPppoe - ok14:02:38.0031 2064 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys14:02:38.0500 2064 Raspti - ok14:02:38.0984 2064 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys14:02:39.0578 2064 Rdbss - ok14:02:39.0734 2064 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys14:02:40.0031 2064 RDPCDD - ok14:02:40.0671 2064 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys14:02:41.0281 2064 rdpdr - ok14:02:41.0406 2064 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys14:02:42.0593 2064 RDPWD - ok14:02:43.0093 2064 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe14:02:43.0593 2064 RDSessMgr - ok14:02:43.0781 2064 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys14:02:44.0343 2064 redbook - ok14:02:44.0468 2064 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll14:02:44.0968 2064 RemoteAccess - ok14:02:45.0078 2064 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll14:02:45.0296 2064 RemoteRegistry - ok14:02:45.0656 2064 [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe14:02:46.0031 2064 RichVideo ( UnsignedFile.Multi.Generic ) - warning14:02:46.0031 2064 RichVideo - detected UnsignedFile.Multi.Generic (1)14:02:46.0187 2064 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe14:02:46.0656 2064 RpcLocator - ok14:02:46.0984 2064 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll14:02:47.0562 2064 RpcSs - ok14:02:47.0656 2064 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe14:02:48.0109 2064 RSVP - ok14:02:48.0218 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe14:02:48.0359 2064 SamSs - ok14:02:48.0453 2064 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe14:02:49.0062 2064 SCardSvr - ok14:02:49.0296 2064 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll14:02:50.0468 2064 Schedule - ok14:02:50.0531 2064 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys14:02:50.0718 2064 sdbus - ok14:02:50.0843 2064 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys14:02:51.0187 2064 Secdrv - ok14:02:51.0843 2064 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll14:02:52.0171 2064 seclogon - ok14:02:52.0468 2064 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll14:02:53.0046 2064 SENS - ok14:02:53.0406 2064 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys14:02:53.0718 2064 serenum - ok14:02:53.0781 2064 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys14:02:54.0312 2064 Serial - ok14:02:54.0515 2064 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys14:02:55.0328 2064 Sfloppy - ok14:02:55.0750 2064 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll14:02:56.0750 2064 SharedAccess - ok14:02:56.0859 2064 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll14:02:57.0234 2064 ShellHWDetection - ok14:02:57.0250 2064 Simbad - ok14:02:57.0343 2064 [ 707647A1AA0EDB6CBEF61B0C75C28ED3 ] SMCIRDA C:\WINDOWS\system32\DRIVERS\smcirda.sys14:02:57.0625 2064 SMCIRDA - ok14:02:57.0968 2064 [ 858934C454BDC6664C752BF0CD3EAEAE ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys14:02:58.0578 2064 smwdm - ok14:02:58.0781 2064 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS14:02:59.0484 2064 SONYPVU1 - ok14:02:59.0890 2064 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe14:03:00.0218 2064 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - warning14:03:00.0218 2064 SoundMAX Agent Service (default) - detected UnsignedFile.Multi.Generic (1)14:03:00.0312 2064 Sparrow - ok14:03:00.0484 2064 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys14:03:00.0890 2064 splitter - ok14:03:01.0187 2064 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe14:03:01.0500 2064 Spooler - ok14:03:01.0625 2064 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys14:03:01.0734 2064 sr - ok14:03:01.0890 2064 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll14:03:02.0203 2064 srservice - ok14:03:02.0406 2064 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys14:03:03.0156 2064 Srv - ok14:03:03.0250 2064 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll14:03:03.0421 2064 SSDPSRV - ok14:03:03.0578 2064 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll14:03:04.0093 2064 stisvc - ok14:03:04.0140 2064 SWDUMon - ok14:03:04.0250 2064 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys14:03:04.0625 2064 swenum - ok14:03:04.0765 2064 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys14:03:04.0953 2064 swmidi - ok14:03:04.0968 2064 SwPrv - ok14:03:04.0984 2064 symc810 - ok14:03:05.0000 2064 symc8xx - ok14:03:05.0015 2064 sym_hi - ok14:03:05.0031 2064 sym_u3 - ok14:03:05.0078 2064 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys14:03:05.0281 2064 sysaudio - ok14:03:05.0406 2064 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe14:03:05.0609 2064 SysmonLog - ok14:03:05.0781 2064 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll14:03:06.0140 2064 TapiSrv - ok14:03:06.0359 2064 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys14:03:07.0234 2064 Tcpip - ok14:03:07.0375 2064 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys14:03:07.0968 2064 TDPIPE - ok14:03:08.0046 2064 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys14:03:08.0437 2064 TDTCP - ok14:03:08.0562 2064 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys14:03:09.0000 2064 TermDD - ok14:03:09.0296 2064 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll14:03:09.0968 2064 TermService - ok14:03:10.0109 2064 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll14:03:10.0218 2064 Themes - ok14:03:10.0531 2064 [ 0EDC3CF7B38F4260EB006C38E4A44DE4 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys14:03:10.0984 2064 tifm21 - ok14:03:11.0250 2064 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe14:03:11.0640 2064 TlntSvr - ok14:03:11.0640 2064 TosIde - ok14:03:11.0812 2064 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll14:03:12.0093 2064 TrkWks - ok14:03:12.0171 2064 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys14:03:12.0562 2064 Udfs - ok14:03:12.0578 2064 ultra - ok14:03:12.0859 2064 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys14:03:13.0640 2064 Update - ok14:03:13.0828 2064 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll14:03:14.0046 2064 upnphost - ok14:03:14.0078 2064 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe14:03:14.0421 2064 UPS - ok14:03:14.0421 2064 USBAAPL - ok14:03:14.0484 2064 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys14:03:14.0671 2064 usbehci - ok14:03:14.0718 2064 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys14:03:15.0078 2064 usbhub - ok14:03:15.0125 2064 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys14:03:15.0312 2064 usbprint - ok14:03:15.0390 2064 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS14:03:15.0843 2064 USBSTOR - ok14:03:15.0937 2064 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys14:03:16.0125 2064 usbuhci - ok14:03:16.0156 2064 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys14:03:16.0718 2064 VgaSave - ok14:03:16.0828 2064 ViaIde - ok14:03:17.0109 2064 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys14:03:17.0890 2064 VolSnap - ok14:03:18.0359 2064 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe14:03:18.0921 2064 VSS - ok14:03:20.0312 2064 [ 3DA649C6EC481D8F36B54F33FC01DD1E ] vToolbarUpdater12.1.5 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe14:03:26.0765 2064 vToolbarUpdater12.1.5 - ok14:03:31.0359 2064 [ A22ABD73E0D6BA666CBA4E86EEB001B3 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys14:03:37.0609 2064 w29n51 - ok14:03:38.0671 2064 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll14:03:39.0781 2064 W32Time - ok14:03:39.0875 2064 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys14:03:40.0625 2064 Wanarp - ok14:03:40.0640 2064 WDICA - ok14:03:40.0843 2064 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys14:03:41.0578 2064 wdmaud - ok14:03:41.0656 2064 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll14:03:42.0546 2064 WebClient - ok14:03:43.0859 2064 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll14:03:45.0671 2064 winmgmt - ok14:03:45.0890 2064 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll14:03:46.0640 2064 WmdmPmSN - ok14:03:47.0625 2064 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll14:03:49.0796 2064 Wmi - ok14:03:49.0890 2064 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys14:03:50.0328 2064 WmiAcpi - ok14:03:50.0687 2064 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe14:03:51.0140 2064 WmiApSrv - ok14:03:52.0515 2064 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe14:03:55.0562 2064 WMPNetworkSvc - ok14:03:55.0796 2064 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll14:03:56.0046 2064 wscsvc - ok14:03:56.0187 2064 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll14:03:56.0765 2064 wuauserv - ok14:03:56.0921 2064 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys14:03:57.0515 2064 WudfPf - ok14:03:57.0656 2064 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys14:03:57.0906 2064 WudfRd - ok14:03:58.0046 2064 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll14:03:58.0312 2064 WudfSvc - ok14:03:58.0921 2064 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll14:04:00.0281 2064 WZCSVC - ok14:04:00.0500 2064 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll14:04:00.0968 2064 xmlprov - ok14:04:01.0031 2064 ================ Scan global ===============================14:04:01.0328 2064 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll14:04:01.0796 2064 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll14:04:02.0343 2064 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll14:04:02.0437 2064 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe14:04:02.0484 2064 [Global] - ok14:04:02.0484 2064 ================ Scan MBR ==================================14:04:02.0593 2064 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR014:04:30.0156 2064 \Device\Harddisk0\DR0 - ok14:04:30.0171 2064 ================ Scan VBR ==================================14:04:30.0171 2064 [ 1D4FE6D09E064C76594E6966429F6B87 ] \Device\Harddisk0\DR0\Partition114:04:30.0171 2064 \Device\Harddisk0\DR0\Partition1 - ok14:04:30.0187 2064 ================ Scan active images ========================14:04:30.0218 2064 ============================================================14:04:30.0218 2064 Scan finished14:04:30.0218 2064 ============================================================14:04:30.0781 3608 Detected object count: 614:04:30.0781 3608 Actual detected object count: 614:06:51.0078 3608 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user14:06:51.0234 3608 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip14:06:51.0234 3608 mrtRate ( UnsignedFile.Multi.Generic ) - skipped by user14:06:51.0234 3608 mrtRate ( UnsignedFile.Multi.Generic ) - User select action: Skip14:06:51.0234 3608 NBService ( UnsignedFile.Multi.Generic ) - skipped by user14:06:51.0234 3608 NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip14:06:51.0234 3608 NMIndexingService ( UnsignedFile.Multi.Generic ) - skipped by user14:06:51.0234 3608 NMIndexingService ( UnsignedFile.Multi.Generic ) - User select action: Skip14:06:51.0234 3608 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user14:06:51.0234 3608 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip14:06:51.0234 3608 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - skipped by user14:06:51.0234 3608 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Skip14:07:52.0765 2028 Deinitialize success Link to post Share on other sites More sharing options...
MrCharlie Posted November 4, 2012 ID:609600 Share Posted November 4, 2012 That scan was clean.......Please download and run ComboFix.The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.Please visit this webpage for download links, and instructions for running ComboFixhttp://www.bleepingc...to-use-combofixEnsure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Information on disabling your malware programs can be found Here.Make sure you run ComboFix from your desktop. Give it at least 30-45 minutes to finish if needed.Please include the C:\ComboFix.txt in your next reply for further review.---------->NOTE<----------If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.MrC Link to post Share on other sites More sharing options...
camper65 Posted November 4, 2012 Author ID:609626 Share Posted November 4, 2012 From the last scan with ComboFix. It does seem faster right now, Sue will see if it stays this fast, but I don't want to say we're clean until you have said we're done.....ComboFix 12-11-04.01 - Owner 11/04/2012 15:19:14.1.1 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.244 [GMT -5:00]Running from: c:\documents and settings\Owner\Desktop\ComboFix.exeAV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\documents and settings\Owner\WINDOWSc:\windows\offitems.logc:\windows\system32\servicec:\windows\system32\service\05092010_TIS17_SfFniAU.logc:\windows\system32\service\08042010_TIS17_SfFniAU.logc:\windows\system32\service\20032011_TIS17_SfFniAU.logc:\windows\system32\service\22022011_TIS17_SfFniAU.log..((((((((((((((((((((((((( Files Created from 2012-10-04 to 2012-11-04 )))))))))))))))))))))))))))))))..2012-11-04 18:49 . 2012-11-04 18:49 -------- d-----w- c:\windows\LastGood2012-11-01 19:01 . 2012-11-01 19:01 -------- d-----w- c:\program files\Trend Micro2012-11-01 17:40 . 2012-11-01 18:12 -------- d-----w- C:\e4dac09a09da8dc777cd5f8a4f2012-10-31 14:35 . 2012-10-31 14:36 -------- d-----w- c:\documents and settings\Administrator2012-10-28 12:30 . 2012-10-28 12:30 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes2012-10-28 12:28 . 2012-10-28 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes2012-10-28 12:28 . 2012-09-29 23:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2012-10-28 12:28 . 2012-10-28 12:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-10-27 22:55 . 2012-10-28 00:02 -------- d-----w- c:\program files\Spybot - Search & Destroy2012-10-27 20:09 . 2012-10-27 20:09 -------- d-----w- C:\483f5c0d14c4ee78282012-10-27 19:45 . 2012-11-01 15:54 -------- d-----w- c:\windows\system32\XPSViewer2012-10-27 19:44 . 2012-10-27 19:44 -------- d-----w- c:\program files\MSBuild2012-10-27 19:42 . 2012-10-27 19:42 -------- d-----w- c:\program files\Reference Assemblies2012-10-27 19:36 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll2012-10-27 19:29 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll2012-10-27 19:29 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll2012-10-27 19:29 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe2012-10-27 19:29 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe2012-10-27 19:29 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll2012-10-27 19:29 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll2012-10-27 19:29 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll2012-10-27 19:29 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll2012-10-27 19:29 . 2012-10-27 19:37 -------- d-----w- C:\0a8481c6362fa3ca3c55a62012-10-27 18:15 . 2012-10-28 21:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy2012-10-27 18:15 . 2012-10-27 18:15 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)2012-10-27 18:15 . 2012-10-27 18:15 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)2012-10-27 18:15 . 2012-10-27 18:15 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)2012-10-27 18:15 . 2012-10-27 18:15 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)2012-10-23 13:46 . 2012-10-23 13:47 -------- d-----w- c:\program files\GUM8.tmp2012-10-23 13:46 . 2012-10-23 13:46 3993600 ----a-w- c:\program files\GUT9.tmp2012-10-23 13:07 . 2012-10-23 13:07 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Real2012-10-23 13:01 . 2012-10-23 13:01 -------- d-----w- c:\program files\Common Files\xing shared2012-10-23 12:54 . 2012-10-23 13:02 -------- d-----w- c:\program files\Real2012-10-23 12:36 . 2012-10-23 12:36 -------- d-----w- c:\program files\The Weather Channel FW2012-10-23 12:33 . 2012-10-23 12:33 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\The Weather Channel2012-10-22 19:54 . 2012-11-04 00:08 -------- d-----w- c:\program files\Google2012-10-22 19:54 . 2012-11-04 00:07 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Google2012-10-22 19:53 . 2012-10-22 19:53 -------- d-----w- c:\program files\GUM42.tmp2012-10-22 19:53 . 2012-10-22 19:53 4096000 ----a-w- c:\program files\GUT43.tmp...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-11-04 18:47 . 2012-07-24 13:03 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys2012-11-01 18:20 . 2012-07-24 13:03 13024 ----a-w- c:\windows\system32\drivers\SETE.tmp2012-10-23 12:56 . 2010-03-31 00:36 348160 ----a-w- c:\windows\system32\msvcr71.dll2012-10-23 12:55 . 2010-03-31 00:36 499712 ----a-w- c:\windows\system32\msvcp71.dll2012-08-24 13:53 . 2008-04-14 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll2012-08-21 13:29 . 2008-04-14 12:00 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe2012-08-21 12:58 . 2008-04-14 00:01 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe2012-08-18 21:41 . 2011-10-03 18:23 143872 ----a-w- c:\windows\system32\javacpl.cpl..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]2012-07-24 12:29 2086496 -c--a-w- c:\program files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll" [2012-07-24 2086496].[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK755]@="{f378ff85-8d0a-cbe6-4735-3a67760db6bb}"[HKEY_CLASSES_ROOT\CLSID\{f378ff85-8d0a-cbe6-4735-3a67760db6bb}]2010-09-20 07:27 3480888 ----a-w- c:\program files\McAfee Online Backup\MOBK755shell.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK7552]@="{8406002f-3c7e-565d-de02-414c2856a50b}"[HKEY_CLASSES_ROOT\CLSID\{8406002f-3c7e-565d-de02-414c2856a50b}]2010-09-20 07:27 3480888 ----a-w- c:\program files\McAfee Online Backup\MOBK755shell.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK7553]@="{cb5494dd-88ee-383e-88d7-bbd79c7c52d4}"[HKEY_CLASSES_ROOT\CLSID\{cb5494dd-88ee-383e-88d7-bbd79c7c52d4}]2010-09-20 07:27 3480888 ----a-w- c:\program files\McAfee Online Backup\MOBK755shell.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]"FixCleaner"="c:\program files\FixCleaner\FixCleaner.exe" [2012-06-12 49887104]"DriverUpdate"="c:\program files\DriverUpdate\DriverUpdate.exe" [2012-07-02 28215168].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128]"DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437]"igfxtray"="c:\windows\system32\igfxtray.exe" [2007-06-19 101144]"igfxpers"="c:\windows\system32\igfxpers.exe" [2007-06-19 125720]"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2007-06-19 84760]"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904]"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-03-26 142120]"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-04-07 642856]"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-07-24 1147488]"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1318816].c:\documents and settings\All Users\Start Menu\Programs\Startup\Billminder.lnk - c:\quickenw\BILLMIND.EXE [2011-9-25 36864]Image Transfer.lnk - c:\program files\Sony Corporation\Image Transfer\SonyTray.exe [2010-5-2 73728]Microsoft Find Fast.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1997-7-10 122880]Office Startup.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1997-7-10 61440]Quicken Startup.lnk - c:\quickenw\QWDLLS.EXE [2011-9-25 36864].[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]"NoThumbnailCache"= 1 (0x1).[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]"DisableMonitoring"=dword:00000001.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0).[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="c:\\WINDOWS\\system32\\mshta.exe"="c:\\Program Files\\iTunes\\iTunes.exe"="c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=.R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [7/24/2012 7:30 AM 27496]R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [3/24/2012 7:07 PM 89792]R1 MOBK755Filter;MOBK755Filter;c:\windows\system32\drivers\MOBK755.sys [3/24/2012 7:11 PM 54776]R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [9/25/2011 1:05 PM 34916]R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [3/24/2012 7:07 PM 57600]R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [3/30/2010 7:00 PM 87936]R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [3/24/2012 7:07 PM 340920]R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [3/24/2012 7:07 PM 83856]S0 92433500;92433500;c:\windows\system32\drivers\80668581.sys --> c:\windows\system32\drivers\80668581.sys [?]S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [3/30/2010 6:24 PM 20160]S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [3/24/2012 7:07 PM 83856]S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [3/24/2012 7:07 PM 87656]S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [7/24/2012 8:03 AM 13024].--- Other Services/Drivers In Memory ---.*NewlyCreated* - 49100910*Deregistered* - 49100910*Deregistered* - mfeavfk01.Contents of the 'Scheduled Tasks' folder.2012-08-29 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50].2012-11-04 c:\windows\Tasks\FixCleaner Scan.job- c:\program files\FixCleaner\FixCleaner.exe [2012-06-12 12:34].2012-11-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-725345543-1417001333-1003.job- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 18:27].2012-11-01 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-725345543-1417001333-1003.job- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 18:27].2012-11-04 c:\windows\Tasks\User_Feed_Synchronization-{3E9D4B84-CE5F-4E7A-8600-321A47CE3745}.job- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]..------- Supplementary Scan -------.uStart Page = hxxp://www.google.com/uInternet Settings,ProxyOverride = *.localuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%sTCP: DhcpNameServer = 75.75.75.75 75.75.76.76Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll.- - - - ORPHANS REMOVED - - - -.WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)SafeBoot-92433500.sys...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2012-11-04 15:43Windows 5.1.2600 Service Pack 3 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.Completion time: 2012-11-04 15:49:54ComboFix-quarantined-files.txt 2012-11-04 20:49.Pre-Run: 54,966,030,336 bytes freePost-Run: 55,151,816,704 bytes free.WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsUnsupportedDebug="do not select this" /debugmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect.- - End Of File - - 95D3248E341F60ACB431819B885194BD Link to post Share on other sites More sharing options...
MrCharlie Posted November 5, 2012 ID:609803 Share Posted November 5, 2012 Please make sure your hard drive is running in DMA mode:http://forums.vso-so...s-xp-t2796.html~~~~~~~~~~~~~~~~Run Disk Cleanup:http://www.bleepingc...topic84096.html~~~~~~~~~~~~~~~~~Please download AdwCleaner from here and save it on your Desktop. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.Now click on the Search tab.Please post the contents of the log-file created in your next post.Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.MrC Link to post Share on other sites More sharing options...
camper65 Posted November 8, 2012 Author ID:610912 Share Posted November 8, 2012 I will continue to work on it either tonight or over the weekend and report the reports from this last recommendation. Sorry, the computer is not here but still at her place. Link to post Share on other sites More sharing options...
MrCharlie Posted November 8, 2012 ID:610928 Share Posted November 8, 2012 OK.....MrC Link to post Share on other sites More sharing options...
camper65 Posted November 10, 2012 Author ID:611695 Share Posted November 10, 2012 DMA is on one the two entries the other is running PIO (I'm assuming that's the cd drive in the system) the DMA is Multi-Word DMA mode 2.CDid the disk clean and it cleaned quite a bit of stuff off of her hard drive.here is the log from adwcleaner# AdwCleaner v2.007 - Logfile created 11/10/2012 at 14:51:56# Updated 06/11/2012 by Xplode# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)# User : Owner - OWNER-4D0C6BC69# Boot Mode : Normal# Running from : C:\Documents and Settings\Owner\Desktop\adwcleaner.exe# Option [search]***** [services] ********** [Files / Folders] *****File Found : C:\DOCUME~1\Owner\LOCALS~1\Temp\Uninstall.exe***** [Registry] *****Key Found : HKCU\Software\IGearSettingsKey Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure SearchKey Found : HKU\S-1-5-21-1757981266-725345543-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}***** [internet Browsers] *****-\\ Internet Explorer v8.0.6001.18702[OK] Registry is clean.-\\ Mozilla Firefox v [unable to get version]Profile name : defaultFile : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6yprxnyr.default\prefs.js[OK] File is clean.*************************AdwCleaner[R1].txt - [1786 octets] - [10/11/2012 14:51:56]########## EOF - C:\AdwCleaner[R1].txt - [1846 octets] ########## Link to post Share on other sites More sharing options...
MrCharlie Posted November 10, 2012 ID:611699 Share Posted November 10, 2012 Your hard drive is usually "0"Some adware found....lets clear it out..... Please re-run AdwCleanerClick on Delete button.Confirm each time with OK if asked.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.MrC Link to post Share on other sites More sharing options...
camper65 Posted November 10, 2012 Author ID:611716 Share Posted November 10, 2012 okay the log after cleaning --># AdwCleaner v2.007 - Logfile created 11/10/2012 at 15:19:03# Updated 06/11/2012 by Xplode# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)# User : Owner - OWNER-4D0C6BC69# Boot Mode : Normal# Running from : C:\Documents and Settings\Owner\Desktop\adwcleaner.exe# Option [Delete]***** [services] ********** [Files / Folders] *****File Deleted : C:\DOCUME~1\Owner\LOCALS~1\Temp\Uninstall.exe***** [Registry] *****Key Deleted : HKCU\Software\IGearSettingsKey Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search***** [internet Browsers] *****-\\ Internet Explorer v8.0.6001.18702[OK] Registry is clean.-\\ Mozilla Firefox v [unable to get version]Profile name : defaultFile : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6yprxnyr.default\prefs.js[OK] File is clean.*************************AdwCleaner[R2].txt - [1915 octets] - [10/11/2012 15:18:18]AdwCleaner[s1].txt - [1714 octets] - [10/11/2012 15:19:03]########## EOF - C:\AdwCleaner[s1].txt - [1774 octets] ########## Link to post Share on other sites More sharing options...
MrCharlie Posted November 10, 2012 ID:611723 Share Posted November 10, 2012 Looks Good.....Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.Make sure that everything is checked, and click Remove Selected.Please let me know how computer is running now, MrC Link to post Share on other sites More sharing options...
camper65 Posted November 10, 2012 Author ID:611745 Share Posted November 10, 2012 It found nothing in the latest scan. I'm going to have her run a hard drive scan on it and as soon as the new memory is in remove current one to see if it has gone bad but in the meantime burn nearest to run on it. It still seems slow but being that it's only 512 MB it may be affecting how it is working. I will post back results of hard drive scan. Link to post Share on other sites More sharing options...
camper65 Posted November 10, 2012 Author ID:611747 Share Posted November 10, 2012 It found nothing in the latest scan. I'm going to have her run a hard drive scan on it and as soon as the new memory is in remove current one to see if it has gone bad but in the meantime burn nearest to run on it. It still seems slow but being that it's only 512 MB it may be affecting how it is working. I will post back results of hard drive scan. Link to post Share on other sites More sharing options...
camper65 Posted November 10, 2012 Author ID:611749 Share Posted November 10, 2012 Sorry. Accidentally pressed qoute meant to write memtest Link to post Share on other sites More sharing options...
MrCharlie Posted November 10, 2012 ID:611758 Share Posted November 10, 2012 OK.....MrC Link to post Share on other sites More sharing options...
Maurice Naggar Posted November 16, 2012 ID:613838 Share Posted November 16, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts