I have an outgoing message that has been blocked, so I've been told to download two logs; here they are. Sorry, I haven't got a clue what I'm doing and now don't see the Malware or BullGuard logos at the bottom of my computer. Hope that's okay?

DDS (Ver_2012-11-05.02) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37

Run by Owner at 12:42:56 on 2012-11-06

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.990.419 [GMT 0:00]

.

AV: BullGuard Antivirus *Enabled/Updated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}

FW: BullGuard Firewall *Disabled*

.

============== Running Processes ================

.

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

C:\WINDOWS\system32\crypserv.exe

C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Common Files\Motive\pcCMService.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\UPHClean\uphclean.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Main

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Backup

C:\WINDOWS\System32\SvcHost.exe -k BullGuard

C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Proxy

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8

uWindow Title = Windows Internet Explorer provided by Yahoo!

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8

mStart Page = hxxp://www.yahoo.com/?fr=fp-yie8

mDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8

uProxyOverride = <local>

mSearchAssistant = hxxp://www.google.com/ie

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

mRun: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

mRun: [bullGuard] "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot

mRun: [soundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray

mRun: [soundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe

mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {071582AE-C7F9-11D2-A742-0080C8129F3E} - hxxp://traptestsrv.east-northamptonshire.gov.uk/trpzx1.cab

DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://www.caminova.net/ja/downloads/getmodule.aspx?lang=en

DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install/00/alttiff.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/0/5/7/05796dde-b2ba-4eef-8da4-f99c7e0c9b92/LegitCheckControl.cab

DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} - hxxp://contacts.orange.co.uk/wuk_webab/VoxsyncX.cab

DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab

DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} - hxxps://fixit.support.microsoft.com/ActiveX/FixItClient.CAB

DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341415977484

DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} - hxxps://register.btinternet.com/templates/btmailcontrol013.cab

DPF: {84818113-96C5-11D2-BE39-006008BF4DD5} - hxxp://www.scotlandspeople.gov.uk/Viewers/ActiveXControl/viewdw32.ocx

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} - hxxps://register.btinternet.com/templates/btwebcontrol028.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{CE017AD2-DA29-44E2-A20E-8A1A6FC2ECE4} : DHCPNameServer = 192.168.1.254

Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\uorzh9uj.default\

FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/

FF - component: c:\program files\bullguard ltd\bullguard\antiphishing\ff\antiphishing@bullguard\components\BGFFComponent.dll

FF - plugin: c:\documents and settings\owner\local settings\application data\yahoo!\browserplus\2.8.1\plugins\npybrowserplus_2.8.1.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\common files\motive\npMotive.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - ExtSQL: 2012-10-17 09:43; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

.

============= SERVICES / DRIVERS ===============

.

R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2010-3-12 64608]

R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [2011-1-27 789960]

R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [2011-1-27 19272]

R2 BsBackup;BullGuard backup service;c:\windows\system32\SvcHost.exe -k BullGuard_Backup [2004-8-4 14336]

R2 BsBhvScan;BullGuard Behavioural Detection;c:\program files\bullguard ltd\bullguard\BullGuardBhvScanner.exe [2011-1-27 321376]

R2 BsFileScan;BullGuard on-access service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]

R2 BsFire;BullGuard firewall service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]

R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\system32\SvcHost.exe -k BullGuard_Proxy [2004-8-4 14336]

R2 BsMain;BullGuard main service;c:\windows\system32\SvcHost.exe -k BullGuard_Main [2004-8-4 14336]

R2 BsScanner;BullGuard scanning service;c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe [2010-3-3 178528]

R2 BsUpdate;BullGuard update service;c:\program files\bullguard ltd\bullguard\BullGuardUpdate.exe [2012-8-27 304480]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-18 399432]

R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-7-31 361472]

R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\Afw.sys [2009-12-4 32512]

R3 afwcore;afwcore;c:\windows\system32\drivers\AfwCore.sys [2009-12-4 284928]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-12-28 676936]

S2 ScanDrv;ScanDrv; [x]

S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-12-28 22856]

.

=============== Created Last 30 ================

.

2012-10-27 16:39:59 638432 ----a-w- c:\program files\mozilla firefox\nss3.dll

.

==================== Find3M ====================

.

2012-10-09 21:58:25 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-09 21:58:25 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-09-29 18:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-24 14:32:24 477168 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-09-24 14:32:20 473072 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-24 12:51:47 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:14:53 43520 ------w- c:\windows\system32\licmgr10.dll

2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec

2012-08-27 11:29:43 100216 ----a-w- c:\windows\system32\BgGamingMonitor.dll

2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-08-21 13:29:19 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-21 12:58:06 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-17 16:33:51 54624 ----a-w- c:\windows\system32\BGLsp.dll

.

============= FINISH: 12:44:58.54 ===============

And

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-05.02)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 23/03/2006 15:52:22

System Uptime: 06/11/2012 08:44:12 (4 hours ago)

.

Motherboard: WinFast | | 760GXK8MC

Processor: AMD Sempron Processor 2600+ | Socket 940 | 1599/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 77 GiB total, 55.514 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1329: 04/08/2012 10:25:47 - System Checkpoint

RP1330: 05/08/2012 11:04:21 - System Checkpoint

RP1331: 07/08/2012 09:09:13 - System Checkpoint

RP1332: 08/08/2012 09:27:51 - System Checkpoint

RP1333: 09/08/2012 20:04:49 - System Checkpoint

RP1334: 17/08/2012 17:57:21 - Software Distribution Service 3.0

RP1335: 20/08/2012 09:24:08 - System Checkpoint

RP1336: 29/08/2012 08:51:09 - System Checkpoint

RP1337: 02/09/2012 18:24:09 - System Checkpoint

RP1338: 03/09/2012 16:12:25 - Installed Microsoft Office Word Viewer 2003

RP1339: 03/09/2012 17:29:12 - Installed Java 6 Update 35

RP1340: 04/09/2012 07:40:39 - Software Distribution Service 3.0

RP1341: 09/09/2012 17:09:10 - System Checkpoint

RP1342: 12/09/2012 07:33:29 - Software Distribution Service 3.0

RP1343: 14/09/2012 09:41:41 - System Checkpoint

RP1344: 14/09/2012 16:35:45 - Removed WinBMD 7.

RP1345: 14/09/2012 16:36:01 - Installed WinBMD 7.

RP1346: 18/09/2012 17:58:08 - Installed Compatibility Pack for the 2007 Office system

RP1347: 19/09/2012 07:19:08 - Software Distribution Service 3.0

RP1348: 22/09/2012 08:30:46 - Software Distribution Service 3.0

RP1349: 26/09/2012 16:37:04 - System Checkpoint

RP1350: 27/09/2012 16:52:15 - System Checkpoint

RP1351: 30/09/2012 09:09:14 - System Checkpoint

RP1352: 03/10/2012 08:32:21 - System Checkpoint

RP1353: 05/10/2012 16:05:24 - System Checkpoint

RP1354: 07/10/2012 12:51:31 - System Checkpoint

RP1355: 10/10/2012 07:43:43 - Software Distribution Service 3.0

RP1356: 11/10/2012 17:02:11 - System Checkpoint

RP1357: 13/10/2012 09:45:04 - System Checkpoint

RP1358: 14/10/2012 17:52:24 - System Checkpoint

RP1359: 16/10/2012 07:39:54 - Software Distribution Service 3.0

RP1360: 17/10/2012 09:42:58 - Installed Java 6 Update 37

RP1361: 18/10/2012 10:18:44 - System Checkpoint

RP1362: 20/10/2012 11:46:52 - Removed UK-Info 2003

RP1363: 20/10/2012 11:52:23 - Installed UK-Info 2003

RP1364: 21/10/2012 19:18:08 - System Checkpoint

RP1365: 23/10/2012 13:52:37 - System Checkpoint

RP1366: 25/10/2012 12:32:17 - Removed UK-Info 2003

RP1367: 25/10/2012 12:39:29 - Installed UK-Info 2003

RP1368: 26/10/2012 20:58:54 - System Checkpoint

RP1369: 26/10/2012 23:34:33 - Removed UK-Info 2003

RP1370: 28/10/2012 11:10:24 - System Checkpoint

RP1371: 30/10/2012 18:16:32 - System Checkpoint

RP1372: 01/11/2012 08:41:55 - System Checkpoint

RP1373: 01/11/2012 14:50:22 - Installed Microsoft Office 2000 Resource Kit Tools and Utilities

RP1374: 02/11/2012 10:35:25 - Removed HP Photo and Imaging 2.1 - Scanjet 2400 Series

RP1375: 04/11/2012 11:02:57 - System Checkpoint

RP1376: 05/11/2012 16:26:23 - System Checkpoint

.

==== Installed Programs ======================

.

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop 6.0

Adobe Reader 9.5.2

BT Desktop Help

BTHomeHub

BullGuard 9.0

Compatibility Pack for the 2007 Office system

Critical Update for Windows Media Player 11 (KB959772)

EPSON Copy Utility 3

EPSON Printer Software

EPSON Scan

ESC84 Software Guide

ESET Online Scanner v3

Family Historian PDF File (novaPDF 6.1 printer)

Family History Resource File Viewer 4.0

Family Tree Maker 2005

FamilySearch Indexing

Google Earth Plug-in

Google Update Helper

GoToAssist Corporate

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Memories Disc

Intel® 537EP Modem

Java Auto Updater

Java 6 Update 37

Junk Mail filter update

LizardTech DjVu Control

LizardTech DjVu Control (autoinstall)

Malwarebytes Anti-Malware version 1.65.1.1000

Micrografx Picture Publisher 7

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft IntelliPoint 6.01

Microsoft IntelliType Pro 6.01

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office 2000 Resource Kit Tools and Utilities

Microsoft Office 2000 Small Business

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Word Viewer 2003

Microsoft Press Interactive Training

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works 6-9 Converter

Mozilla Firefox 16.0.2 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

Nero Suite

Personal Ancestral File 5

Personal Ancestral File Companion 5.4

ScanToWeb

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB928090)

Security Update for Windows Internet Explorer 7 (KB929969)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Segoe UI

SiS VGA Utilities

SiSAGP driver

SoundMAX

TeamViewer 7

Tweak UI

UK-Info Disk 2002

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2362765)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB961503)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

User Profile Hive Cleanup Service

WebFldrs XP

WinBMD 7

Windows Defender Signatures

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Safety Scanner

Windows Live Sign-in Assistant

Windows Live Upload Tool

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

Yahoo! BrowserPlus 2.8.1

Yahoo! Software Update

.

==== Event Viewer Messages From Past Week ========

.

05/11/2012 07:07:55, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

05/11/2012 07:07:55, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

05/11/2012 07:07:54, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

02/11/2012 22:49:03, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

02/11/2012 06:58:34, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.

02/11/2012 06:55:59, error: Service Control Manager [7000] - The ScanDrv service failed to start due to the following error: The system cannot find the file specified.

01/11/2012 22:31:37, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.

01/11/2012 07:04:39, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.

01/11/2012 07:04:39, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================


Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

IMPORTANT NOTE: Please do not delete anything unless instructed to.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users: These tools MUST be run from the executable (.exe) every time you run them, with Admin Rights (right click, choose "Run as Administrator").

Stay with this topic until I give you the all clean post.

---------

Please download aswMBR to your desktop.

  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and attach its contents in your next reply.


----------


Here's the log, Jeff, thanks very much for trying to help me.

Carol

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-11-06 16:45:19

-----------------------------

16:45:19.093 OS Version: Windows 5.1.2600 Service Pack 3

16:45:19.093 Number of processors: 1 586 0x2C02

16:45:19.093 ComputerName: OFFICE UserName: Owner

16:45:19.671 Initialize success

16:47:26.000 AVAST engine defs: 12110601

16:47:32.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

16:47:32.437 Disk 0 Vendor: ExcelStor_Technology_J880 PF2OA21B Size: 78533MB BusType: 3

16:47:32.468 Disk 0 MBR read successfully

16:47:32.468 Disk 0 MBR scan

16:47:32.531 Disk 0 unknown MBR code

16:47:32.546 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 78528 MB offset 63

16:47:32.562 Disk 0 scanning sectors +160826715

16:47:32.687 Disk 0 scanning C:\WINDOWS\system32\drivers

16:47:56.781 Service scanning

16:48:06.718 Service FXDRV D:\Fxdrv.sys **LOCKED** 21

16:48:33.843 Modules scanning

16:48:56.015 Disk 0 trace - called modules:

16:48:56.015 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS

16:48:56.046 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8697dab8]

16:48:56.046 3 CLASSPNP.SYS[f7656fd7] -> nt!IofCallDriver -> \Device\0000005b[0x869c9f18]

16:48:56.062 5 ACPI.sys[f74ed620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86933940]

16:48:56.906 AVAST engine scan C:\WINDOWS

16:49:23.453 AVAST engine scan C:\WINDOWS\system32

16:54:14.500 AVAST engine scan C:\WINDOWS\system32\drivers

16:54:42.656 AVAST engine scan C:\Documents and Settings\Owner

17:23:36.546 AVAST engine scan C:\Documents and Settings\All Users

17:26:50.562 Scan finished successfully

17:32:37.359 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\My Documents\MBR.dat"

17:32:37.406 The log file has been saved successfully to "C:\Documents and Settings\Owner\My Documents\aswMBR.txt"


Please download TDSSKiller

  • Double click TDSSKiller.exe
  • When the window opens, click on Change Parameters
  • Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • Click OK
  • Press Start Scan
  • Do Not Attempt To Fix Anything Now. We just need to look over the report and be sure we are removing the correct items.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------


Is this it?

07:42:54.0281 2396 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

07:42:55.0250 2396 ============================================================

07:42:55.0250 2396 Current date / time: 2012/11/07 07:42:55.0250

07:42:55.0250 2396 SystemInfo:

07:42:55.0250 2396

07:42:55.0250 2396 OS Version: 5.1.2600 ServicePack: 3.0

07:42:55.0250 2396 Product type: Workstation

07:42:55.0250 2396 ComputerName: OFFICE

07:42:55.0250 2396 UserName: Owner

07:42:55.0250 2396 Windows directory: C:\WINDOWS

07:42:55.0250 2396 System windows directory: C:\WINDOWS

07:42:55.0250 2396 Processor architecture: Intel x86

07:42:55.0250 2396 Number of processors: 1

07:42:55.0250 2396 Page size: 0x1000

07:42:55.0250 2396 Boot type: Normal boot

07:42:55.0250 2396 ============================================================

07:42:57.0968 2396 Drive \Device\Harddisk0\DR0 - Size: 0x132C570000 (76.69 Gb), SectorSize: 0x200, Cylinders: 0x271B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

07:42:58.0031 2396 ============================================================

07:42:58.0031 2396 \Device\Harddisk0\DR0:

07:42:58.0031 2396 MBR partitions:

07:42:58.0031 2396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x996051C

07:42:58.0031 2396 ============================================================

07:42:58.0078 2396 C: <-> \Device\Harddisk0\DR0\Partition1

07:42:58.0078 2396 ============================================================

07:42:58.0078 2396 Initialize success

07:42:58.0078 2396 ============================================================

07:43:41.0828 3004 ============================================================

07:43:41.0828 3004 Scan started

07:43:41.0828 3004 Mode: Manual; TDLFS;

07:43:41.0828 3004 ============================================================

07:43:43.0250 3004 ================ Scan system memory ========================

07:43:45.0828 3004 System memory - ok

07:43:45.0828 3004 ================ Scan services =============================

07:43:45.0953 3004 Abiosdsk - ok

07:43:45.0968 3004 abp480n5 - ok

07:43:46.0031 3004 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

07:43:46.0046 3004 ACPI - ok

07:43:46.0093 3004 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

07:43:46.0093 3004 ACPIEC - ok

07:43:46.0234 3004 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

07:43:46.0250 3004 AdobeFlashPlayerUpdateSvc - ok

07:43:46.0265 3004 adpu160m - ok

07:43:46.0328 3004 [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys

07:43:46.0328 3004 aeaudio - ok

07:43:46.0390 3004 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

07:43:46.0406 3004 aec - ok

07:43:46.0468 3004 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

07:43:46.0468 3004 AFD - ok

07:43:46.0515 3004 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys

07:43:46.0531 3004 AFS2K - ok

07:43:46.0578 3004 [ F20D3CEAE69F409A7775A8B8B36CEC58 ] afw C:\WINDOWS\system32\DRIVERS\afw.sys

07:43:46.0578 3004 afw - ok

07:43:46.0625 3004 [ 335A00B9B984069AF6C10EC9C6340324 ] afwcore C:\WINDOWS\system32\DRIVERS\afwcore.sys

07:43:46.0625 3004 afwcore - ok

07:43:46.0640 3004 Aha154x - ok

07:43:46.0671 3004 aic78u2 - ok

07:43:46.0687 3004 aic78xx - ok

07:43:46.0734 3004 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

07:43:46.0734 3004 Alerter - ok

07:43:46.0781 3004 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

07:43:46.0781 3004 ALG - ok

07:43:46.0796 3004 AliIde - ok

07:43:46.0812 3004 amsint - ok

07:43:46.0843 3004 AppMgmt - ok

07:43:46.0859 3004 asc - ok

07:43:46.0890 3004 asc3350p - ok

07:43:46.0906 3004 asc3550 - ok

07:43:47.0062 3004 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

07:43:47.0187 3004 aspnet_state - ok

07:43:47.0234 3004 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

07:43:47.0234 3004 AsyncMac - ok

07:43:47.0281 3004 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

07:43:47.0281 3004 atapi - ok

07:43:47.0328 3004 Atdisk - ok

07:43:47.0375 3004 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

07:43:47.0375 3004 Atmarpc - ok

07:43:47.0421 3004 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

07:43:47.0421 3004 AudioSrv - ok

07:43:47.0468 3004 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

07:43:47.0484 3004 audstub - ok

07:43:47.0546 3004 [ 42175A3B56922A8C9A294FA6F0B18344 ] BdSpy C:\WINDOWS\system32\DRIVERS\BdSpy.sys

07:43:47.0546 3004 BdSpy - ok

07:43:47.0609 3004 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

07:43:47.0656 3004 Beep - ok

07:43:47.0734 3004 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

07:43:47.0750 3004 BITS - ok

07:43:47.0796 3004 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

07:43:47.0796 3004 Browser - ok

07:43:47.0937 3004 [ 0271B8667BCDE590A6F6205209359EEF ] BsBackup C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll

07:43:47.0937 3004 BsBackup - ok

07:43:48.0000 3004 [ FB283DFF8DB224359AC43BE70BB8902B ] BsBhvScan C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

07:43:48.0015 3004 BsBhvScan - ok

07:43:48.0031 3004 [ A1FB74B2CBBF373AFCFB647894341F73 ] BsFileScan C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll

07:43:48.0046 3004 BsFileScan - ok

07:43:48.0093 3004 [ C42A4EF09D8539F1CFA2676579F44987 ] BsFire C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll

07:43:48.0109 3004 BsFire - ok

07:43:48.0187 3004 [ 9060850E3EFC91D40A157B347A03D6FB ] BsMailProxy C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll

07:43:48.0203 3004 BsMailProxy - ok

07:43:48.0281 3004 [ EE6A1DBC67AE54C260304676B9E7B439 ] BsMain C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll

07:43:48.0281 3004 BsMain - ok

07:43:48.0328 3004 [ 69D38B2E736F8E8BC97D4638B682DEEF ] BsScanner C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

07:43:48.0328 3004 BsScanner - ok

07:43:48.0406 3004 [ 0AEC20CDC63860592ACAFA886B01599A ] BsUpdate C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

07:43:48.0406 3004 BsUpdate - ok

07:43:48.0453 3004 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

07:43:48.0484 3004 cbidf2k - ok

07:43:48.0500 3004 cd20xrnt - ok

07:43:48.0562 3004 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

07:43:48.0687 3004 Cdaudio - ok

07:43:48.0734 3004 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

07:43:48.0765 3004 Cdfs - ok

07:43:48.0796 3004 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

07:43:48.0796 3004 Cdrom - ok

07:43:48.0812 3004 Changer - ok

07:43:48.0875 3004 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

07:43:48.0875 3004 CiSvc - ok

07:43:48.0906 3004 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

07:43:48.0906 3004 ClipSrv - ok

07:43:48.0953 3004 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

07:43:49.0062 3004 clr_optimization_v2.0.50727_32 - ok

07:43:49.0078 3004 CmdIde - ok

07:43:49.0109 3004 COMSysApp - ok

07:43:49.0140 3004 Cpqarray - ok

07:43:49.0156 3004 Crypkey License - ok

07:43:49.0218 3004 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

07:43:49.0218 3004 CryptSvc - ok

07:43:49.0234 3004 dac2w2k - ok

07:43:49.0265 3004 dac960nt - ok

07:43:49.0359 3004 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

07:43:49.0375 3004 DcomLaunch - ok

07:43:49.0421 3004 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

07:43:49.0437 3004 Dhcp - ok

07:43:49.0453 3004 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

07:43:49.0453 3004 Disk - ok

07:43:49.0484 3004 dmadmin - ok

07:43:49.0546 3004 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

07:43:49.0562 3004 dmboot - ok

07:43:49.0593 3004 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

07:43:49.0609 3004 dmio - ok

07:43:49.0640 3004 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

07:43:49.0656 3004 dmload - ok

07:43:49.0687 3004 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

07:43:49.0687 3004 dmserver - ok

07:43:49.0718 3004 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

07:43:49.0718 3004 DMusic - ok

07:43:49.0781 3004 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

07:43:49.0781 3004 Dnscache - ok

07:43:49.0828 3004 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

07:43:49.0843 3004 Dot3svc - ok

07:43:49.0843 3004 dpti2o - ok

07:43:49.0890 3004 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

07:43:49.0890 3004 drmkaud - ok

07:43:49.0921 3004 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

07:43:49.0937 3004 EapHost - ok

07:43:50.0031 3004 [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] EPSON_PM_RPCV4_01 C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE

07:43:50.0031 3004 EPSON_PM_RPCV4_01 - ok

07:43:50.0093 3004 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

07:43:50.0093 3004 ERSvc - ok

07:43:50.0171 3004 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

07:43:50.0171 3004 Eventlog - ok

07:43:50.0218 3004 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

07:43:50.0234 3004 EventSystem - ok

07:43:50.0312 3004 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

07:43:50.0328 3004 Fastfat - ok

07:43:50.0375 3004 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

07:43:50.0390 3004 FastUserSwitchingCompatibility - ok

07:43:50.0406 3004 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

07:43:50.0421 3004 Fdc - ok

07:43:50.0437 3004 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

07:43:50.0437 3004 Fips - ok

07:43:50.0500 3004 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

07:43:50.0500 3004 Flpydisk - ok

07:43:50.0562 3004 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

07:43:50.0562 3004 FltMgr - ok

07:43:50.0656 3004 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

07:43:50.0656 3004 FontCache3.0.0.0 - ok

07:43:50.0687 3004 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

07:43:50.0703 3004 Fs_Rec - ok

07:43:50.0734 3004 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

07:43:50.0734 3004 Ftdisk - ok

07:43:50.0750 3004 FXDRV - ok

07:43:50.0781 3004 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys

07:43:50.0781 3004 gagp30kx - ok

07:43:50.0859 3004 [ 5CC2B1D06AC1962AF5FBBCF88D781DD8 ] GoToAssist C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe

07:43:50.0875 3004 GoToAssist - ok

07:43:50.0906 3004 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

07:43:50.0921 3004 Gpc - ok

07:43:51.0031 3004 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

07:43:51.0031 3004 gupdate - ok

07:43:51.0046 3004 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

07:43:51.0046 3004 gupdatem - ok

07:43:51.0140 3004 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

07:43:51.0140 3004 helpsvc - ok

07:43:51.0187 3004 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll

07:43:51.0187 3004 HidServ - ok

07:43:51.0218 3004 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys

07:43:51.0218 3004 HidUsb - ok

07:43:51.0281 3004 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

07:43:51.0296 3004 hkmsvc - ok

07:43:51.0312 3004 hpn - ok

07:43:51.0406 3004 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

07:43:51.0406 3004 HTTP - ok

07:43:51.0468 3004 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

07:43:51.0468 3004 HTTPFilter - ok

07:43:51.0484 3004 i2omgmt - ok

07:43:51.0500 3004 i2omp - ok

07:43:51.0562 3004 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

07:43:51.0562 3004 i8042prt - ok

07:43:51.0656 3004 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

07:43:51.0687 3004 idsvc - ok

07:43:51.0734 3004 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

07:43:51.0734 3004 Imapi - ok

07:43:51.0796 3004 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

07:43:51.0812 3004 ImapiService - ok

07:43:51.0828 3004 ini910u - ok

07:43:51.0968 3004 [ 874DB5E07FE2A7F1B22F7C760736F6F4 ] IntelC51 C:\WINDOWS\system32\DRIVERS\IntelC51.sys

07:43:52.0046 3004 IntelC51 - ok

07:43:52.0093 3004 [ 4C0F190119EBC5CE728C9D060D8AE3E7 ] IntelC52 C:\WINDOWS\system32\DRIVERS\IntelC52.sys

07:43:52.0109 3004 IntelC52 - ok

07:43:52.0156 3004 [ 85B36BC9E8FA579C64DE88FFECECCE6C ] IntelC53 C:\WINDOWS\system32\DRIVERS\IntelC53.sys

07:43:52.0171 3004 IntelC53 - ok

07:43:52.0187 3004 IntelIde - ok

07:43:52.0234 3004 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

07:43:52.0234 3004 Ip6Fw - ok

07:43:52.0281 3004 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

07:43:52.0296 3004 IpFilterDriver - ok

07:43:52.0328 3004 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

07:43:52.0328 3004 IpInIp - ok

07:43:52.0375 3004 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

07:43:52.0375 3004 IpNat - ok

07:43:52.0437 3004 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

07:43:52.0453 3004 IPSec - ok

07:43:52.0484 3004 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

07:43:52.0484 3004 IRENUM - ok

07:43:52.0531 3004 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

07:43:52.0531 3004 isapnp - ok

07:43:52.0625 3004 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe

07:43:52.0625 3004 JavaQuickStarterService - ok

07:43:52.0671 3004 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

07:43:52.0671 3004 Kbdclass - ok

07:43:52.0734 3004 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

07:43:52.0734 3004 kbdhid - ok

07:43:52.0765 3004 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

07:43:52.0765 3004 kmixer - ok

07:43:52.0812 3004 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

07:43:52.0812 3004 KSecDD - ok

07:43:52.0875 3004 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

07:43:52.0890 3004 lanmanserver - ok

07:43:52.0953 3004 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

07:43:52.0953 3004 lanmanworkstation - ok

07:43:52.0984 3004 lbrtfdc - ok

07:43:53.0046 3004 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

07:43:53.0046 3004 LmHosts - ok

07:43:53.0109 3004 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys

07:43:53.0156 3004 MBAMProtector - ok

07:43:53.0250 3004 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

07:43:53.0343 3004 MBAMScheduler - ok

07:43:53.0390 3004 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

07:43:53.0453 3004 MBAMService - ok

07:43:53.0500 3004 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

07:43:53.0500 3004 Messenger - ok

07:43:53.0546 3004 [ 8C7D037A53B495E7C250FD70B158B581 ] MidiSyn C:\WINDOWS\system32\drivers\MidiSyn.sys

07:43:53.0546 3004 MidiSyn - ok

07:43:53.0609 3004 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

07:43:53.0625 3004 mnmdd - ok

07:43:53.0671 3004 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

07:43:53.0687 3004 mnmsrvc - ok

07:43:53.0734 3004 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

07:43:53.0734 3004 Modem - ok

07:43:53.0781 3004 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys

07:43:53.0781 3004 MODEMCSA - ok

07:43:53.0812 3004 [ F2CC6273E7DE087DC0FD701F753461CA ] mohfilt C:\WINDOWS\system32\DRIVERS\mohfilt.sys

07:43:53.0812 3004 mohfilt - ok

07:43:53.0843 3004 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

07:43:53.0843 3004 Mouclass - ok

07:43:53.0906 3004 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

07:43:53.0906 3004 mouhid - ok

07:43:53.0921 3004 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

07:43:53.0937 3004 MountMgr - ok

07:43:54.0000 3004 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

07:43:54.0046 3004 MozillaMaintenance - ok

07:43:54.0062 3004 mraid35x - ok

07:43:54.0140 3004 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS

07:43:54.0187 3004 MREMP50 - ok

07:43:54.0203 3004 MREMPR5 - ok

07:43:54.0218 3004 MRENDIS5 - ok

07:43:54.0281 3004 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS

07:43:54.0296 3004 MRESP50 - ok

07:43:54.0343 3004 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

07:43:54.0343 3004 MRxDAV - ok

07:43:54.0421 3004 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

07:43:54.0437 3004 MRxSmb - ok

07:43:54.0484 3004 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

07:43:54.0484 3004 MSDTC - ok

07:43:54.0515 3004 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

07:43:54.0531 3004 Msfs - ok

07:43:54.0546 3004 MSIServer - ok

07:43:54.0593 3004 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

07:43:54.0593 3004 MSKSSRV - ok

07:43:54.0609 3004 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

07:43:54.0609 3004 MSPCLOCK - ok

07:43:54.0656 3004 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

07:43:54.0656 3004 MSPQM - ok

07:43:54.0687 3004 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

07:43:54.0687 3004 mssmbios - ok

07:43:54.0750 3004 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

07:43:54.0750 3004 Mup - ok

07:43:54.0812 3004 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

07:43:54.0828 3004 napagent - ok

07:43:54.0890 3004 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

07:43:54.0937 3004 NDIS - ok

07:43:55.0000 3004 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

07:43:55.0000 3004 NdisTapi - ok

07:43:55.0031 3004 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

07:43:55.0031 3004 Ndisuio - ok

07:43:55.0046 3004 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

07:43:55.0046 3004 NdisWan - ok

07:43:55.0109 3004 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

07:43:55.0109 3004 NDProxy - ok

07:43:55.0171 3004 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

07:43:55.0171 3004 NetBIOS - ok

07:43:55.0203 3004 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

07:43:55.0203 3004 NetBT - ok

07:43:55.0265 3004 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

07:43:55.0265 3004 NetDDE - ok

07:43:55.0296 3004 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

07:43:55.0296 3004 NetDDEdsdm - ok

07:43:55.0328 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

07:43:55.0343 3004 Netlogon - ok

07:43:55.0375 3004 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

07:43:55.0390 3004 Netman - ok

07:43:55.0437 3004 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

07:43:55.0437 3004 NetTcpPortSharing - ok

07:43:55.0484 3004 [ 2643E42EED808AAEB147877FEBD110A6 ] NetworkX C:\WINDOWS\system32\ckldrv.sys

07:43:55.0546 3004 NetworkX - ok

07:43:55.0609 3004 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

07:43:55.0625 3004 Nla - ok

07:43:55.0718 3004 [ CB9751585223A77785B915B0591D71F0 ] NovaShieldFilterDriver C:\WINDOWS\system32\DRIVERS\NSKernel.sys

07:43:55.0734 3004 NovaShieldFilterDriver - ok

07:43:55.0765 3004 [ ED6AF59B384A092E1C42DF79B483B952 ] NovaShieldTDIDriver C:\WINDOWS\system32\DRIVERS\NSNetmon.sys

07:43:55.0765 3004 NovaShieldTDIDriver - ok

07:43:55.0796 3004 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

07:43:55.0843 3004 Npfs - ok

07:43:55.0890 3004 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

07:43:55.0921 3004 Ntfs - ok

07:43:55.0953 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

07:43:55.0953 3004 NtLmSsp - ok

07:43:56.0015 3004 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

07:43:56.0015 3004 NtmsSvc - ok

07:43:56.0062 3004 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

07:43:56.0078 3004 Null - ok

07:43:56.0125 3004 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

07:43:56.0125 3004 NwlnkFlt - ok

07:43:56.0156 3004 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

07:43:56.0156 3004 NwlnkFwd - ok

07:43:56.0218 3004 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

07:43:56.0218 3004 ohci1394 - ok

07:43:56.0312 3004 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

07:43:56.0312 3004 ose - ok

07:43:56.0359 3004 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

07:43:56.0359 3004 Parport - ok

07:43:56.0390 3004 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

07:43:56.0406 3004 PartMgr - ok

07:43:56.0453 3004 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

07:43:56.0468 3004 ParVdm - ok

07:43:56.0531 3004 [ C96C14987F167F461266A6C6028B698B ] pcCMService C:\Program Files\Common Files\Motive\pcCMService.exe

07:43:56.0625 3004 pcCMService - ok

07:43:56.0687 3004 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

07:43:56.0687 3004 PCI - ok

07:43:56.0718 3004 PCIDump - ok

07:43:56.0734 3004 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

07:43:56.0734 3004 PCIIde - ok

07:43:56.0765 3004 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

07:43:56.0781 3004 Pcmcia - ok

07:43:56.0796 3004 PDCOMP - ok

07:43:56.0812 3004 PDFRAME - ok

07:43:56.0828 3004 PDRELI - ok

07:43:56.0843 3004 PDRFRAME - ok

07:43:56.0875 3004 perc2 - ok

07:43:56.0890 3004 perc2hib - ok


07:44:02.0984 3004 ================ Scan global ===============================

07:44:03.0000 3004 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

07:44:03.0062 3004 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

07:44:03.0093 3004 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

07:44:03.0125 3004 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

07:44:03.0125 3004 [Global] - ok

07:44:03.0140 3004 ================ Scan MBR ==================================

07:44:03.0156 3004 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0

07:44:03.0375 3004 \Device\Harddisk0\DR0 - ok

07:44:03.0390 3004 ================ Scan VBR ==================================

07:44:03.0390 3004 [ 782ED474EC6A940D0D889C9ABC5866E5 ] \Device\Harddisk0\DR0\Partition1

07:44:03.0406 3004 \Device\Harddisk0\DR0\Partition1 - ok

07:44:03.0406 3004 ============================================================

07:44:03.0406 3004 Scan finished

07:44:03.0406 3004 ============================================================

07:44:03.0453 1224 Detected object count: 0

07:44:03.0453 1224 Actual detected object count: 0

07:46:57.0390 3460 Deinitialize success


Yes that's it. Great job!

Please read through these instructions to familiarize yourself with what to expect when this tool runs.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

RCUpdate1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

4. If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.

----------


Oh well here we go again !!! LOL

Hope this all means something to you?

ComboFix 12-11-06.03 - Owner 07/11/2012 17:23:37.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.990.372 [GMT 0:00]

Running from: c:\documents and settings\Owner\My Documents\ComboFix.exe

AV: BullGuard Antivirus *Enabled/Updated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}

FW: BullGuard Firewall *Disabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc10.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc11.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc12.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc120.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc13.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc139.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc13B.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc13F.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc147.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc14F.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc16A.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc16C.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc183.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc189.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc1D6.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc1E5.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc1FE.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc222.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc22B.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc23.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc26.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2A.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2B.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2B9.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2BF.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2D6.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2E.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2F.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc3.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc311.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc32F.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc35.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc36.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc37.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc39D.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc3B.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc3D.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc40.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc41.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc43.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc44.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc45.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc47C.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4A.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4B.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4C.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4C1.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc51.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc5C.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc60.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc67.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc7.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc79.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc8.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc9.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc90.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc91.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc92.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc93.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc95.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc9E.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc9F.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccA.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccA0.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccB.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccB3.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccB4.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccBC.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccBE.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccC.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccC2.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccC3.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccCD.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccD.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccD1.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccD7.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccF.tmp

c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccF0.tmp

c:\documents and settings\Owner\WINDOWS

c:\windows\AutoRun.ini

c:\windows\system\oeminfo.ini

.

.

((((((((((((((((((((((((( Files Created from 2012-10-07 to 2012-11-07 )))))))))))))))))))))))))))))))

.

.

2012-10-25 11:55 . 2012-10-25 11:55 -------- d-----w- c:\documents and settings\Owner\Application Data\EPSON

2012-10-17 08:44 . 2012-10-17 08:44 -------- d-----w- c:\program files\Common Files\Java

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-09 21:58 . 2012-03-30 05:59 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-09 21:58 . 2011-05-18 06:13 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-09-29 18:54 . 2009-12-28 12:48 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-24 14:32 . 2012-07-03 15:23 477168 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-09-24 14:32 . 2010-04-20 08:36 473072 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-24 12:51 . 2012-07-03 15:23 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-08-28 15:14 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:14 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-08-28 15:14 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec

2012-08-27 11:29 . 2010-03-18 16:03 100216 ----a-w- c:\windows\system32\BgGamingMonitor.dll

2012-08-24 13:53 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-08-21 13:29 . 2004-08-04 12:00 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-21 12:58 . 2004-08-03 22:59 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-17 16:33 . 2010-04-19 12:16 54624 ----a-w- c:\windows\system32\BGLsp.dll

2012-10-27 16:40 . 2012-10-27 16:39 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SiSPower"="SiSPower.dll" [2005-05-13 49152]

"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\BullGuard.exe" [2012-09-11 1756512]

"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]

2011-02-07 18:52 16680 ----a-w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\BgGamingMonitor.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-07-11 19:00 919008 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\btbb_McciTrayApp]

2012-07-05 05:58 1988608 ----a-w- c:\program files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]

2006-07-07 23:15 600896 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]

2006-07-07 23:14 576320 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2008-03-10 17:47 385024 ----a-w- c:\program files\QuickTime\qttask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-09-17 11:41 254896 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\rtcshare.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\BT Broadband Desktop Help\\btbb\\BTHelpBrowser.exe"=

"c:\\Program Files\\BT Broadband Desktop Help\\btbb\\BTHelpNotifier.exe"=

"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=

"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=

.

R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [12/03/2010 09:34 64608]

R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [27/01/2011 07:13 789960]

R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [27/01/2011 07:13 19272]

R2 BsBackup;BullGuard backup service;c:\windows\System32\SvcHost.exe -k BullGuard_Backup [04/08/2004 12:00 14336]

R2 BsBhvScan;BullGuard Behavioural Detection;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [27/01/2011 07:13 321376]

R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [04/08/2004 12:00 14336]

R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [04/08/2004 12:00 14336]

R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard_Proxy [04/08/2004 12:00 14336]

R2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe -k BullGuard_Main [04/08/2004 12:00 14336]

R2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [03/03/2010 20:07 178528]

R2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [27/08/2012 11:26 304480]

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [18/09/2012 17:22 399432]

R2 pcCMService;pcCMService;c:\program files\Common Files\Motive\pcCMService.exe [31/07/2012 07:21 361472]

R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\Afw.sys [04/12/2009 10:00 32512]

R3 afwcore;afwcore;c:\windows\system32\drivers\AfwCore.sys [04/12/2009 10:00 284928]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [28/12/2009 12:48 676936]

S2 ScanDrv;ScanDrv; [x]

S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [28/12/2009 12:48 22856]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - uphcleanhlp

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

BullGuard_Main REG_MULTI_SZ BsMain

BullGuard REG_MULTI_SZ BsFileScan BsFire

BullGuard_LowPriv REG_MULTI_SZ BsBrowser

BullGuard_Backup REG_MULTI_SZ BsBackup

BullGuard_Proxy REG_MULTI_SZ BsMailProxy

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]

2009-03-08 04:32 128512 ----a-w- c:\windows\system32\advpack.dll

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 21:58]

.

2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-08 16:52]

.

2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-08 16:52]

.

2012-11-06 c:\windows\Tasks\User_Feed_Synchronization-{ECE78649-45F4-47A2-A1F7-0CF98E5AC97F}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 04:31]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8

mStart Page = hxxp://www.yahoo.com/?fr=fp-yie8

uInternet Settings,ProxyOverride = <local>

TCP: DhcpNameServer = 192.168.1.254

DPF: {071582AE-C7F9-11D2-A742-0080C8129F3E} - hxxp://traptestsrv.east-northamptonshire.gov.uk/trpzx1.cab

DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} - hxxp://contacts.orange.co.uk/wuk_webab/VoxsyncX.cab

DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll

DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} - hxxps://register.btinternet.com/templates/btmailcontrol013.cab

FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\uorzh9uj.default\

FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/

FF - ExtSQL: 2012-10-17 09:43; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

MSConfigStartUp-Loaris Trojan Remover - c:\program files\Loaris Trojan Remover\TrojanRemover.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-11-07 17:37

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(416)

c:\windows\system32\BgGamingMonitor.dll

c:\program files\Citrix\GoToAssist\570\G2AWinLogon.dll

.

- - - - - - - > 'lsass.exe'(472)

c:\windows\system32\BgGamingMonitor.dll

.

Completion time: 2012-11-07 17:41:18

ComboFix-quarantined-files.txt 2012-11-07 17:41

.

Pre-Run: 59,311,816,704 bytes free

Post-Run: 59,534,917,632 bytes free

.

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 3F538FADE40CF55512041C25685DF71B


Oh Wow this is so much better-thanks.
:)

--------------

I see that your Java software is out of date. Please go to Start >> Control Panel >> Programs and Features >> uninstall all versions of Java.

Now download and install the newest version from here >> http://java.com/en/download/index.jsp

-------------

Clear Java Cache

See this page for instructions on how to clear Java's cache.

Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)

  • Under Temporary Internet Files, click the Delete Files button.
  • There are three options in the window to clear the cache - Leave ALL 3 Checked

    • Downloaded Applets
    • Downloaded Applications
    • Other Files

  • Click OK on Delete Temporary Files Window

    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

  • Click OK to leave the Java Control Panel.

----------

Malwarebytes

Please open Malwarebytes, update it and then run a Quick Scan. Save the log that is created for your next reply.

----------

ESET Online Scanner

Go here to run an online scanner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

----------


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
