
had Iminent virus and toolbar/redirect, am I clean?



I have run AV and MBAM scans and removed most of the infection. I would like someone to look over my logs and help me out if I missed something. Thanks in advance!

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 3/8/2007 4:46:24 PM

System Uptime: 5/25/2013 10:03:00 AM (2 hours ago)

.

Motherboard: ASUSTek Computer INC. | | LEUCITE3

Processor: Intel® Pentium® D CPU 3.00GHz | Socket 775 | 3000/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 224 GiB total, 187.656 GiB free.

D: is FIXED (NTFS) - 9 GiB total, 9.069 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

32-BIT BDE

32 Bit HP CIO Components Installer

4500_G510af_Help

4500G510af

4500G510af_Software_Min

ABBYY FineReader 6.0 Sprint

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.03)

Adobe Shockwave Player 12.0

Advantage Database Server for Windows NT/2000

Apple Mobile Device Support

Apple Software Update

Auslogics Disk Defrag

AutoUpdate

Bonjour

BufferChm

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_LightScribeConfig

cp_OnlineProjectsConfig

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

cp_PosterPrintConfig

cp_UpdateProjectsConfig

Critical Update for Windows Media Player 11 (KB959772)

Crystal Reports 10 Support Files

CueTour

Data Fax SoftModem with SmartCP

Destinations

DeviceDiscovery

DeviceManagementQFolder

DivX

DocMgr

DocProc

Enhanced Multimedia Keyboard Solution

Fax

FullDPAppQFolder

GemMaster Mystic

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService2

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 10 (KB910393)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Boot Optimizer

HP Customer Participation Program 13.0

HP DigitalMedia Archive

HP Document Manager 2.0

HP DVD Play 2.1

HP Imaging Device Functions 13.0

HP Officejet 4500 G510a-f

HP Photosmart for Media Center PC

HP Photosmart Premier Software 6.5

HP Smart Web Printing 4.5

HP Solution Center 13.0

HP Update

HP Web Helper

HPPhotoSmartExpress

HPProductAssistant

HpSdpAppCoreApp

InstantShareAlert

InstantShareDevices

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections Drivers

Intel® Quick Resume Technology Drivers

Intel® Viiv™ Software

iTunes

J2SE Runtime Environment 5.0 Update 6

Java 7 Update 21

Java Auto Updater

Java 6 Update 39

Java SE Runtime Environment 6

Lexmark Fax Solutions

Lexmark Toolbar

LightScribe 1.4.105.1

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

Medisoft Advanced Patient Accounting 12

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB2604042)

Microsoft .NET Framework 1.0 Hotfix (KB2656378)

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.0 Security Update (KB2698035)

Microsoft .NET Framework 1.0 Security Update (KB2742607)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Money 2006

Microsoft Office Standard Edition 2003 60 days trial

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

muvee autoProducer 5.0

muvee autoProducer unPlugged 2.0

My HP Games

OCR Software by I.R.I.S. 13.0

OptionalContentQFolder

PhotoGallery

PLATO Web Learning Network Clients

Quicken 2006

QuickTime

RandMap

Realtek High Definition Audio Driver

Remove WeatherBug Installer

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB2829530)

Security Update for Windows Internet Explorer 8 (KB2847204)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820197)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969897)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165-v2)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

SkinsHP1

Skype™ 5.10

SlideShow

SlideShowMusic

SmartWebPrinting

SolutionCenter

Sonic MyDVD Plus

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

Sonic_PrimoSDK

Status

Steelers Super Bowl XL Screen Saver

steelers_2008 Screen Saver

swMSM

TeamViewer 8

Toolbox

TrayApp

Unload

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB971180)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

Viewpoint Media Player

VLC media player 2.0.6

WebFldrs XP

WebReg

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

.

==== Event Viewer Messages From Past Week ========

.

5/23/2013 2:37:49 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

5/23/2013 2:37:37 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm MpFilter

5/23/2013 2:37:16 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

5/23/2013 2:36:24 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

5/23/2013 1:58:40 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.

5/23/2013 1:11:48 PM, error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).

5/22/2013 7:21:14 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.

5/22/2013 7:21:14 PM, error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/22/2013 11:18:30 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

5/22/2013 11:18:30 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/22/2013 11:18:29 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

5/21/2013 1:39:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Net Driver HPZ12 service to connect.

5/21/2013 1:39:23 PM, error: Service Control Manager [7000] - The Net Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/20/2013 3:36:17 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Installer service to connect.

5/20/2013 3:36:17 PM, error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/20/2013 3:36:14 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

5/20/2013 1:14:26 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Updater By SweetPacks service to connect.

5/20/2013 1:14:26 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the SProtection service to connect.

5/20/2013 1:14:26 PM, error: Service Control Manager [7000] - The SProtection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/20/2013 1:14:26 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.

5/19/2013 6:34:13 PM, error: Service Control Manager [7000] - The Symantec Eraser Control driver service failed to start due to the following error: The system cannot find message text for message number 0x%1 in the message file for %2.

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2

Run by HP_Administrator at 12:37:19 on 2013-05-25

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.76 [GMT -4:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ================

.

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\lxczcoms.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Advantage\ADS.EXE

C:\WINDOWS\ehome\mcrdsvc.exe

C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\System32\alg.exe

c:\program files\teamviewer\version8\TeamViewer_Desktop.exe

c:\program files\teamviewer\version8\TeamViewer.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\TeamViewer\Version8\tv_w32.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\IMinent Toolbar\TbHelper2.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={CA33F846-A133-11E2-B365-0018F3ADB9A5}

uInternet Connection Wizard,ShellNext = iexplore

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com

mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80273

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: {094133C8-1D3D-4785-8A56-531CC89612EF} - <orphaned>

BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll

BHO: WhiteSmoke US New Toolbar: {462be121-2b54-4218-bf00-b9bf8135b23f} -

BHO: {6202C0F7-B3FA-4A7C-9E5E-581B33AEAC81} - <orphaned>

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: {76cb92f1-a33a-de51-851c-8c771b0ec26a} - <orphaned>

BHO: {7F0D1863-1B3E-46E5-93FB-F6AE21C878B0} - <orphaned>

BHO: Vafmusic2 Toolbar: {7f3f960e-a836-45ca-8911-0accb522246e} -

BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} -

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -

BHO: {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - <orphaned>

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll

BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: BandooIEPlugin Class: {EB5CEE80-030A-4ED8-8E20-454E9C68380F} -

BHO: Search Assistant: {F0626A63-410B-45E2-99A1-3F2475B2D695} -

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: &Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll

TB: WhiteSmoke US New Toolbar: {462BE121-2B54-4218-BF00-B9BF8135B23F} -

TB: Vafmusic2 Toolbar: {7F3F960E-A836-45CA-8911-0ACCB522246E} -

TB: &Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll

TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll

TB: Vafmusic2 Toolbar: {7f3f960e-a836-45ca-8911-0accb522246e} -

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

EB: {A55613A5-19B2-7F6A-E807-A0F03399A764} - <orphaned>

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [lxczbmgr.exe] "c:\program files\lexmark 1200 series\lxczbmgr.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:149

mPolicies-System: EnableLUA = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install-ie/alttiff.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://fb.familylink.com/we_are_related/stream/core/lib/AurigmaImageUploader/ImageUploader5.cab

DPF: {601B418B-E6A6-47FC-A094-07248741CEB3} - file://e:\vwr_data\WebVwr.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-yahtzee/zylomplayer.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E5168F0C-8591-11D4-BCDF-006008B7FEA4} - hxxp://www.platoweb01.com/pathways/pway_iis.dll/pwln/02040611/fullcab/pwlninst.cab

TCP: NameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{0B078F58-CFBF-4B41-8B7F-06E95EB0C7CD} : DHCPNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D} : DHCPNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Notify: hgGayyaX - hgGayyaX.dll

Notify: igfxcui - igfxdev.dll

Notify: tuvuTKCV - tuvuTKCV.dll

AppInit_DLLs= c:\progra~1\bandoo\bndhook.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: {094133C8-1D3D-4785-8A56-531CC89612EF} - <orphaned>

LSA: Authentication Packages = msv1_0 c:\windows\system32\ddcBUmME

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.94\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 195296]

R1 MpKsl7c587056;MpKsl7c587056;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f7a87dc5-b7c7-4c2a-9473-ec6189e75312}\MpKsl7c587056.sys [2013-5-25 29904]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-5-24 3574624]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-7-9 24652]

S0 neawvsy;neawvsy;c:\windows\system32\drivers\hnwjrgpz.sys --> c:\windows\system32\drivers\hnwjrgpz.sys [?]

S1 eshyhmlt;eshyhmlt;\??\c:\windows\system32\drivers\eshyhmlt.sys --> c:\windows\system32\drivers\eshyhmlt.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2012-5-30 32072]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]

UnknownUnknown MpKsl626db6b3;MpKsl626db6b3; [x]

.

=============== Created Last 30 ================

.

2013-05-25 14:04:22 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f7a87dc5-b7c7-4c2a-9473-ec6189e75312}\MpKsl7c587056.sys

2013-05-25 13:52:46 -------- d-----w- c:\program files\VideoLAN

2013-05-25 13:52:29 -------- d-----w- c:\program files\Auslogics

2013-05-25 13:49:19 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-05-24 23:06:24 7016152 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f7a87dc5-b7c7-4c2a-9473-ec6189e75312}\mpengine.dll

2013-05-24 22:58:50 -------- d-----w- c:\program files\TeamViewer

2013-05-24 22:51:01 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2013-05-24 22:50:58 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2013-05-24 22:50:56 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll

2013-05-24 22:50:53 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe

2013-05-24 22:50:49 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe

2013-05-24 22:50:35 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe

2013-05-24 22:50:31 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys

2013-05-24 22:50:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys

2013-05-24 22:50:25 19200 ----a-w- c:\windows\system32\dllcache\wstcodec.sys

2013-05-24 22:50:24 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys

2013-05-24 22:50:22 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll

2013-05-24 22:50:05 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys

2013-05-24 22:50:03 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys

2013-05-24 22:48:56 604253 ----a-w- c:\windows\system32\dllcache\vmodem.sys

2013-05-24 22:47:59 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll

2013-05-24 22:46:59 315520 ----a-w- c:\windows\system32\dllcache\trid3d.dll

2013-05-24 22:45:59 7040 ----a-w- c:\windows\system32\dllcache\tandqic.sys

2013-05-24 22:44:59 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys

2013-05-24 22:43:58 147200 ----a-w- c:\windows\system32\dllcache\smidispb.dll

2013-05-24 22:42:59 150144 ----a-w- c:\windows\system32\dllcache\sis6306v.dll

2013-05-24 22:41:59 23936 ----a-w- c:\windows\system32\dllcache\sccmn50m.sys

2013-05-24 22:40:57 30720 ----a-w- c:\windows\system32\dllcache\rthwcls.sys

2013-05-24 22:39:59 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys

2013-05-24 22:38:59 259328 ----a-w- c:\windows\system32\dllcache\perm3dd.dll

2013-05-24 22:37:59 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys

2013-05-24 22:36:59 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys

2013-05-24 22:35:58 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys

2013-05-24 22:35:48 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys

2013-05-24 22:35:47 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys

2013-05-24 22:35:43 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys

2013-05-24 22:35:37 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys

2013-05-24 22:35:35 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys

2013-05-24 22:35:34 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll

2013-05-24 22:35:27 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys

2013-05-24 22:35:24 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys

2013-05-24 22:35:23 51200 ----a-w- c:\windows\system32\dllcache\msdv.sys

2013-05-24 22:35:16 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys

2013-05-24 22:35:08 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys

2013-05-24 22:35:03 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys

2013-05-24 22:33:58 20573 ----a-w- c:\windows\system32\dllcache\lne100.sys

2013-05-24 22:32:57 23552 ----a-w- c:\windows\system32\dllcache\irmk7.sys

2013-05-24 22:31:59 26624 ----a-w- c:\windows\system32\dllcache\icam3ext.dll

2013-05-24 22:30:57 19456 ----a-w- c:\windows\system32\dllcache\hr1w.dll

2013-05-24 22:29:58 322432 ----a-w- c:\windows\system32\dllcache\g400m.sys

2013-05-24 22:28:59 45568 ----a-w- c:\windows\system32\dllcache\esuni.dll

2013-05-24 22:27:59 55999 ----a-w- c:\windows\system32\dllcache\el556nd5.sys

2013-05-24 22:26:58 419357 ----a-w- c:\windows\system32\dllcache\dgconfig.dll

2013-05-24 22:25:58 42112 ----a-w- c:\windows\system32\dllcache\crtaud.sys

2013-05-24 22:24:33 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys

2013-05-24 22:23:59 102400 ----a-w- c:\windows\system32\dllcache\binlsvc.dll

2013-05-24 22:22:59 747392 ----a-w- c:\windows\system32\dllcache\adm8830.sys

2013-05-24 22:19:48 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll

2013-05-23 17:59:09 -------- d-----w- c:\documents and settings\hp_administrator\application data\PriceGong

2013-05-23 17:11:41 -------- d-----w- c:\documents and settings\hp_administrator\SyncFolder

2013-05-22 17:49:09 7016152 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-05-20 19:45:36 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\Vafmusic2

2013-05-20 19:42:59 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\CRE

2013-05-15 19:18:32 0 ----a-w- c:\windows\system32\TempWmicBatchFile.bat

2013-05-15 19:18:29 -------- d-----w- c:\windows\system32\Extensions

2013-05-15 19:18:28 -------- d-----w- c:\windows\system32\searchplugins

2013-05-15 19:16:20 -------- d-----w- c:\documents and settings\all users\application data\Babylon

2013-05-15 19:16:14 -------- d-----w- c:\documents and settings\hp_administrator\application data\Babylon

2013-05-11 10:37:28 209472 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

2013-05-05 04:00:00 14056 ----a-w- c:\windows\system32\rkeyds.sys

2013-05-05 04:00:00 14056 ----a-w- c:\windows\system32\jrdgl.dll

.

==================== Find3M ====================

.

2013-05-25 13:47:16 144896 ----a-w- c:\windows\system32\javacpl.cpl

2013-05-25 13:47:08 866720 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-05-25 13:47:06 788896 ----a-w- c:\windows\system32\deployJava1.dll

2013-05-14 21:21:25 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-14 21:21:25 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-19 04:00:00 14056 ----a-w- c:\windows\system32\emlks.dll

2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll

2013-04-16 22:17:14 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-04-16 22:17:14 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-04-12 23:28:55 385024 ----a-w- c:\windows\system32\html.iec

2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys

2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-13 10:26:54 126296 ----a-w- c:\windows\system32\gotomon.dll

2013-03-12 04:00:00 14056 ----a-w- c:\windows\vmdcr.dll

2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-25 04:00:00 14056 ----a-w- c:\windows\amcdr.dll

.

============= FINISH: 12:40:34.70 ===============


Hi,

my name is Daniel and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English, so please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • I am currently visiting an evening school and working nightshift only which might be evening for you. In this time I am mostly online with my mobile devices and won't be able to reply.

I still see a few things which need our attention, but first of all, could you post the logfiles where I can see what has been found?

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.24.09

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

HP_Administrator :: DDBWLT21 [administrator]

5/24/2013 7:24:08 PM

mbam-log-2013-05-24 (19-24-08).txt

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 362560

Time elapsed: 1 hour(s), 42 minute(s), 41 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 7

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE146ACC-D881-1414-2148-B1D008B47ADB} (PUP.ShopToWin) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE146ACC-D881-1414-2148-B1D008B47ADB} (PUP.ShopToWin) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EE146ACC-D881-1414-2148-B1D008B47ADB} (PUP.ShopToWin) -> Quarantined and deleted successfully.

HKCU\Software\PlayVolcanoSA (Adware.HotBar.PV) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GUARDXKICKOFF.EXE (Security.Hijack) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MCMPENG.EXE (Security.Hijack) -> Quarantined and deleted successfully.

Registry Values Detected: 3

HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 99204749dee52b639e17d0a204daabc0 -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxkickoff.exe|Debugger (Security.Hijack) -> Data: svchost.exe -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmpeng.exe|Debugger (Security.Hijack) -> Data: svchost.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 4

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA (Adware.HotBar.PV) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA\bin (Adware.HotBar.PV) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA\bin\1.0.10.0 (Adware.HotBar.PV) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA\data (Adware.HotBar.PV) -> Quarantined and deleted successfully.

Files Detected: 7

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoUninstaller.exe (Adware.Shopper) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Local Settings\Temp\DIQ\FlashPlayer_151\software\SupremeSavings.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA\bin\1.0.10.0\copyright.txt (Adware.HotBar.PV) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA\data\PlayVolcanoSA.dat (Adware.HotBar.PV) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA\data\PlayVolcanoSAau.dat (Adware.HotBar.PV) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA\data\PlayVolcanoSA_kyf.dat (Adware.HotBar.PV) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PlayVolcanoSA\data\PlayVolcanoSA_kyf_update.dat (Adware.HotBar.PV) -> Quarantined and deleted successfully.

(end)

13:31:48.0578 1912 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

13:31:49.0828 1912 ============================================================

13:31:49.0828 1912 Current date / time: 2013/05/25 13:31:49.0828

13:31:49.0843 1912 SystemInfo:

13:31:49.0843 1912

13:31:49.0859 1912 OS Version: 5.1.2600 ServicePack: 3.0

13:31:49.0859 1912 Product type: Workstation

13:31:49.0859 1912 ComputerName: DDBWLT21

13:31:49.0859 1912 UserName: HP_Administrator

13:31:49.0859 1912 Windows directory: C:\WINDOWS

13:31:49.0859 1912 System windows directory: C:\WINDOWS

13:31:49.0859 1912 Processor architecture: Intel x86

13:31:49.0859 1912 Number of processors: 2

13:31:49.0859 1912 Page size: 0x1000

13:31:49.0859 1912 Boot type: Normal boot

13:31:49.0859 1912 ============================================================

13:32:02.0734 1912 BG loaded

13:32:03.0953 1912 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

13:32:04.0187 1912 ============================================================

13:32:04.0187 1912 \Device\Harddisk0\DR0:

13:32:04.0218 1912 MBR partitions:

13:32:04.0218 1912 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BF79518

13:32:04.0218 1912 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BF79557, BlocksNum 0x124B02A

13:32:04.0218 1912 ============================================================

13:32:04.0406 1912 C: <-> \Device\Harddisk0\DR0\Partition1

13:32:04.0562 1912 D: <-> \Device\Harddisk0\DR0\Partition2

13:32:04.0656 1912 ============================================================

13:32:04.0656 1912 Initialize success

13:32:04.0656 1912 ============================================================

13:32:10.0515 2572 ============================================================

13:32:10.0515 2572 Scan started

13:32:10.0515 2572 Mode: Manual;

13:32:10.0515 2572 ============================================================

13:32:12.0046 2572 ================ Scan system memory ========================

13:32:12.0046 2572 System memory - ok

13:32:12.0078 2572 ================ Scan services =============================

13:32:12.0953 2572 Abiosdsk - ok

13:32:13.0031 2572 abp480n5 - ok

13:32:13.0109 2572 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

13:32:13.0109 2572 ACPI - ok

13:32:13.0218 2572 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

13:32:13.0234 2572 ACPIEC - ok

13:32:13.0531 2572 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

13:32:13.0562 2572 AdobeFlashPlayerUpdateSvc - ok

13:32:13.0640 2572 adpu160m - ok

13:32:13.0890 2572 [ 9FDD39BCB4559102B3A3C9E26DFDA77E ] Advantage C:\Advantage\ADS.EXE

13:32:14.0046 2572 Advantage - ok

13:32:14.0187 2572 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

13:32:14.0234 2572 aec - ok

13:32:14.0406 2572 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

13:32:14.0406 2572 AFD - ok

13:32:14.0468 2572 Aha154x - ok

13:32:14.0468 2572 aic78u2 - ok

13:32:14.0484 2572 aic78xx - ok

13:32:14.0640 2572 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

13:32:14.0640 2572 Alerter - ok

13:32:14.0812 2572 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

13:32:14.0812 2572 ALG - ok

13:32:14.0843 2572 AliIde - ok

13:32:14.0859 2572 amsint - ok

13:32:15.0156 2572 [ A8AA9D47F971570A5162B862B80F87E8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

13:32:15.0171 2572 Apple Mobile Device - ok

13:32:15.0328 2572 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll

13:32:15.0328 2572 AppMgmt - ok

13:32:15.0562 2572 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

13:32:15.0562 2572 Arp1394 - ok

13:32:15.0687 2572 asc - ok

13:32:15.0703 2572 asc3350p - ok

13:32:15.0781 2572 asc3550 - ok

13:32:16.0171 2572 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

13:32:16.0312 2572 aspnet_state - ok

13:32:16.0500 2572 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

13:32:16.0515 2572 AsyncMac - ok

13:32:16.0625 2572 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

13:32:16.0625 2572 atapi - ok

13:32:16.0687 2572 Atdisk - ok

13:32:16.0875 2572 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

13:32:16.0906 2572 Atmarpc - ok

13:32:16.0953 2572 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

13:32:16.0953 2572 AudioSrv - ok

13:32:17.0203 2572 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

13:32:17.0203 2572 audstub - ok

13:32:17.0375 2572 Bandoo Coordinator - ok

13:32:17.0593 2572 [ 7270D070173B20AC9487EA16BB08B45F ] bb-run C:\WINDOWS\system32\DRIVERS\bb-run.sys

13:32:17.0593 2572 bb-run - ok

13:32:17.0625 2572 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

13:32:17.0640 2572 Beep - ok

13:32:17.0812 2572 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

13:32:17.0859 2572 BITS - ok

13:32:17.0984 2572 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

13:32:18.0000 2572 Bonjour Service - ok

13:32:18.0109 2572 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

13:32:18.0109 2572 Browser - ok

13:32:18.0328 2572 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

13:32:18.0343 2572 cbidf2k - ok

13:32:18.0453 2572 cd20xrnt - ok

13:32:18.0640 2572 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

13:32:18.0640 2572 Cdaudio - ok

13:32:18.0703 2572 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

13:32:18.0703 2572 Cdfs - ok

13:32:18.0781 2572 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

13:32:18.0781 2572 Cdrom - ok

13:32:18.0984 2572 Changer - ok

13:32:19.0031 2572 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

13:32:19.0031 2572 CiSvc - ok

13:32:19.0140 2572 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

13:32:19.0140 2572 ClipSrv - ok

13:32:19.0250 2572 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:32:19.0343 2572 clr_optimization_v2.0.50727_32 - ok

13:32:19.0703 2572 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:32:19.0734 2572 clr_optimization_v4.0.30319_32 - ok

13:32:19.0812 2572 CmdIde - ok

13:32:19.0906 2572 COMSysApp - ok

13:32:20.0125 2572 Cpqarray - ok

13:32:20.0203 2572 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

13:32:20.0218 2572 CryptSvc - ok

13:32:20.0265 2572 dac2w2k - ok

13:32:20.0359 2572 dac960nt - ok

13:32:20.0406 2572 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

13:32:20.0421 2572 DcomLaunch - ok

13:32:20.0531 2572 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

13:32:20.0546 2572 Dhcp - ok

13:32:20.0765 2572 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

13:32:20.0781 2572 Disk - ok

13:32:20.0890 2572 dmadmin - ok

13:32:20.0968 2572 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

13:32:21.0171 2572 dmboot - ok

13:32:21.0234 2572 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

13:32:21.0234 2572 dmio - ok

13:32:21.0453 2572 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

13:32:21.0453 2572 dmload - ok

13:32:21.0546 2572 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

13:32:21.0562 2572 dmserver - ok

13:32:21.0640 2572 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

13:32:21.0640 2572 DMusic - ok

13:32:21.0796 2572 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

13:32:21.0796 2572 Dnscache - ok

13:32:21.0953 2572 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

13:32:21.0953 2572 Dot3svc - ok

13:32:22.0000 2572 dpti2o - ok

13:32:22.0031 2572 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

13:32:22.0031 2572 drmkaud - ok

13:32:22.0171 2572 [ 83403675CAB29E7A4B885B11E7C855D8 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys

13:32:22.0171 2572 E100B - ok

13:32:22.0375 2572 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

13:32:22.0390 2572 EapHost - ok

13:32:22.0515 2572 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe

13:32:22.0515 2572 ehRecvr - ok

13:32:22.0718 2572 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe

13:32:22.0734 2572 ehSched - ok

13:32:22.0984 2572 [ 0923AEC043F5D355B4EF0C2B29A362DE ] ELacpi C:\WINDOWS\system32\DRIVERS\ELacpi.sys

13:32:22.0984 2572 ELacpi - ok

13:32:23.0109 2572 [ CBD71E7772F92BFB85CCC302B2DEEFBA ] ELhid C:\WINDOWS\System32\Drivers\Elhid.sys

13:32:23.0125 2572 ELhid - ok

13:32:23.0218 2572 [ AC75B576C45D144E146FD1F0576A1F53 ] ELkbd C:\WINDOWS\System32\Drivers\Elkbd.sys

13:32:23.0218 2572 ELkbd - ok

13:32:23.0343 2572 [ 483CCE5E40137D4E437F4DEF55C80007 ] ELmon C:\WINDOWS\System32\Drivers\Elmon.sys

13:32:23.0343 2572 ELmon - ok

13:32:23.0468 2572 [ 8E88CAFEAC0812BF2D15BEEEDFCCE8BD ] ELmou C:\WINDOWS\System32\Drivers\Elmou.sys

13:32:23.0468 2572 ELmou - ok

13:32:23.0609 2572 [ 47FCF6628E1A221C41F3F0130FBF258E ] ELService C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe

13:32:23.0625 2572 ELService - ok

13:32:23.0687 2572 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

13:32:23.0687 2572 ERSvc - ok

13:32:23.0796 2572 eshyhmlt - ok

13:32:24.0046 2572 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

13:32:24.0093 2572 Eventlog - ok

13:32:24.0234 2572 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

13:32:24.0234 2572 EventSystem - ok

13:32:24.0296 2572 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

13:32:24.0312 2572 Fastfat - ok

13:32:24.0437 2572 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

13:32:24.0437 2572 FastUserSwitchingCompatibility - ok

13:32:24.0531 2572 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe

13:32:24.0546 2572 Fax - ok

13:32:24.0640 2572 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys

13:32:24.0656 2572 Fdc - ok

13:32:24.0796 2572 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

13:32:24.0796 2572 Fips - ok

13:32:24.0890 2572 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys

13:32:24.0906 2572 Flpydisk - ok

13:32:25.0140 2572 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

13:32:25.0140 2572 FltMgr - ok

13:32:25.0359 2572 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

13:32:25.0375 2572 FontCache3.0.0.0 - ok

13:32:25.0437 2572 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

13:32:25.0437 2572 Fs_Rec - ok

13:32:25.0500 2572 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

13:32:25.0515 2572 Ftdisk - ok

13:32:25.0671 2572 [ 22399D3CE5840C6082844679CCA5D2FC ] ftsata2 C:\WINDOWS\system32\DRIVERS\ftsata2.sys

13:32:25.0671 2572 ftsata2 - ok

13:32:25.0796 2572 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

13:32:25.0796 2572 GEARAspiWDM - ok

13:32:25.0937 2572 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

13:32:25.0968 2572 Gpc - ok

13:32:26.0171 2572 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

13:32:26.0171 2572 gupdate - ok

13:32:26.0203 2572 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

13:32:26.0203 2572 gupdatem - ok

13:32:26.0375 2572 [ 1BF044E23206FDDC16891A32922D571B ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

13:32:26.0375 2572 gusvc - ok

13:32:26.0421 2572 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

13:32:26.0437 2572 HDAudBus - ok

13:33:01.0281 2572 ============================================================

13:33:01.0281 2572 Scan finished

13:33:01.0281 2572 ============================================================

13:33:01.0437 3316 Detected object count: 0

13:33:01.0437 3316 Actual detected object count: 0

13:33:07.0546 3392 Deinitialize success

thanks

Download ComboFix from this location:

Link 1

* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================

Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to this topic How to disable your security applications

====================================================

Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

RC_update.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

cfRC_screen_2.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
