
A virus stopping me getting on the internet except in safe mode



#1
QPR

Hello, any help is welcome, the C and P:
OTL logfile created on: 24/08/2011 20:01:10 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\ross\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

955.25 Mb Total Physical Memory | 218.32 Mb Available Physical Memory | 22.86% Memory free
2.12 Gb Paging File | 1.43 Gb Available in Paging File | 67.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.37 Gb Total Space | 38.72 Gb Free Space | 52.07% Space Free | Partition Type: NTFS
Drive E: | 73.21 Gb Total Space | 68.07 Gb Free Space | 92.97% Space Free | Partition Type: NTFS

Computer Name: FLOYDY2606 | User Name: ross | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/24 20:00:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\ross\Downloads\OTL.exe
PRC - [2011/06/14 16:31:50 | 001,176,064 | ---- | M] (SRWare) -- C:\Program Files\SRWare Iron\iron.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/07/17 14:32:24 | 006,271,648 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/06/07 21:38:20 | 001,320,462 | ---- | M] () -- C:\Program Files\SRWare Iron\avcodec-52.dll
MOD - [2011/06/07 21:38:20 | 000,166,926 | ---- | M] () -- C:\Program Files\SRWare Iron\avformat-52.dll
MOD - [2011/06/07 21:38:20 | 000,098,830 | ---- | M] () -- C:\Program Files\SRWare Iron\avutil-50.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/24 11:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/04/24 10:21:56 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto | Stopped] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService)
SRV - [2008/04/17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008/02/06 14:12:56 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2008/01/21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 21:28:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2008/07/18 18:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/05/19 19:42:56 | 000,912,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/04/28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008/04/15 09:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/17 21:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/02 08:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/10/18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...TSEA&bmod=TSEA;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpr...1-CC640E27BABE}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...TSEA&bmod=TSEA;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpr...1-CC640E27BABE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1143
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.6
FF - prefs.js..extensions.enabledItems: {d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}:2.0.2
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1483: C:\Program Files\StormII\Codec\Plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: RealPlayer File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/08/09 10:22:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/23 18:07:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2010/10/25 12:41:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ross\AppData\Roaming\mozilla\Extensions
[2011/08/22 22:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ross\AppData\Roaming\mozilla\Firefox\Profiles\wsk5pso3.default\extensions
[2011/07/15 20:31:09 | 000,000,000 | ---D | M] (Reader) -- C:\Users\ross\AppData\Roaming\mozilla\Firefox\Profiles\wsk5pso3.default\extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}
[2011/07/04 08:38:26 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\ross\AppData\Roaming\mozilla\Firefox\Profiles\wsk5pso3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/07/03 20:01:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/03 20:01:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/09 10:22:12 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
() (No name found) -- C:\USERS\ROSS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WSK5PSO3.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
() (No name found) -- C:\USERS\ROSS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WSK5PSO3.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ROSS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WSK5PSO3.DEFAULT\EXTENSIONS\{D33C2F7C-B1E6-4D46-AB0E-BE1F6D05C904}.XPI
() (No name found) -- C:\USERS\ROSS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WSK5PSO3.DEFAULT\EXTENSIONS\[email protected]
[2011/06/23 18:07:40 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [cfFncEnabler.exe] File not found
O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [jswtrayutil] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [FlashGet 3] File not found
O4 - HKCU..\Run: [FlashGetBHO] File not found
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [TOSCDSPD] File not found
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\ross\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\ross\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O9 - Extra Button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} http://p3p.sogou.com/MMCShell.cab (MMCPlayer Class)
O16 - DPF: {69731714-6886-4587-A9AA-D80C2763884D} http://dl.google.com...PluginIEWin.cab (Google Gadget Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} http://t.live.cctv.c...dateInstall.dll (CCTVUpdateInstall)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://vexcast.com/d...oad/vexcast.cab (VodClient Control Class)
O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} http://dl.pplive.com/PluginSetup.cab (PPLive Lite Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ross\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\ross\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0bd228a8-9730-11de-a17a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0bd228a8-9730-11de-a17a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\presetup.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/24 15:40:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/23 15:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPitstop
[2011/08/23 09:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/08/21 21:50:00 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/24 18:40:25 | 000,000,680 | ---- | M] () -- C:\Users\ross\AppData\Local\d3d9caps.dat
[2011/08/24 17:05:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/24 15:42:05 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B47339CA-7745-4F6B-BF83-E9EB27DE643B}.job
[2011/08/24 15:41:26 | 104,631,884 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm.prepare
[2011/08/24 15:38:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/24 15:38:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/24 15:37:12 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/11 21:09:43 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/11 18:45:58 | 127,668,256 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/08/09 10:22:24 | 000,000,835 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/22 22:05:06 | 000,000,680 | ---- | C] () -- C:\Users\ross\AppData\Local\d3d9caps.dat
[2011/05/22 21:59:28 | 000,012,910 | -HS- | C] () -- C:\ProgramData\mssfsi1vlq8g1bx8lmkcbl8
[2011/05/22 21:59:27 | 000,012,910 | -HS- | C] () -- C:\Users\ross\AppData\Local\mssfsi1vlq8g1bx8lmkcbl8
[2011/05/21 16:49:07 | 000,011,204 | -HS- | C] () -- C:\Users\ross\AppData\Local\e4p658450oy660al14dx
[2011/05/21 16:49:07 | 000,011,204 | -HS- | C] () -- C:\ProgramData\e4p658450oy660al14dx
[2010/12/14 16:18:15 | 000,026,340 | ---- | C] () -- C:\Users\ross\AppData\Roaming\UserTile.png
[2010/02/07 17:40:06 | 000,151,552 | R--- | C] () -- C:\Windows\UnUSBDrv.exe
[2009/11/25 14:04:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/11/25 14:02:39 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/19 16:03:29 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2009/10/19 16:02:53 | 000,000,248 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2009/09/22 19:21:25 | 000,517,638 | ---- | C] () -- C:\Users\ross\AppData\Local\lkifgctr_nav.dat
[2009/09/22 19:21:25 | 000,003,408 | ---- | C] () -- C:\Users\ross\AppData\Local\lkifgctr.dat
[2009/09/22 19:21:25 | 000,001,484 | ---- | C] () -- C:\Users\ross\AppData\Local\lkifgctr_navps.dat
[2009/09/15 16:57:45 | 000,008,192 | ---- | C] () -- C:\Users\ross\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/14 03:33:18 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/09/01 20:49:47 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/09/01 20:49:47 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/09/01 20:49:47 | 000,009,484 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/09/01 20:49:47 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/02/04 10:50:32 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsis_loader.dll
[2008/08/11 16:43:04 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/08/11 16:43:04 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/08/11 16:43:04 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/08/11 16:43:04 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/08/11 16:43:04 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/08/11 16:43:04 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/08/11 16:34:39 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/08/11 16:20:16 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/08/11 16:20:16 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/08/11 16:20:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/08/11 16:20:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/08/11 15:36:22 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 13:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:44:53 | 000,321,200 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 11:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

OTL Extras logfile created on: 24/08/2011 20:01:10 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\ross\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

955.25 Mb Total Physical Memory | 218.32 Mb Available Physical Memory | 22.86% Memory free
2.12 Gb Paging File | 1.43 Gb Available in Paging File | 67.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.37 Gb Total Space | 38.72 Gb Free Space | 52.07% Space Free | Partition Type: NTFS
Drive E: | 73.21 Gb Total Space | 68.07 Gb Free Space | 92.97% Space Free | Partition Type: NTFS

Computer Name: FLOYDY2606 | User Name: ross | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\SogouExplorer\SogouExplorer.exe" "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"$INSTDIR\FlvDetector.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlvDetector.exe:*:Enabled:FGFlvDetector
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{229A2127-EB73-4715-9604-8AE3FBAFF36E}" = lport=138 | protocol=17 | dir=in | app=system |
"{3F50E02C-84CB-4C1D-8AE2-9E989B1A14F6}" = lport=139 | protocol=6 | dir=in | app=system |
"{51C8CA8F-9F55-4B5F-9370-660701AC18AD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{632BD932-C791-4388-90FA-D0BE02194F54}" = rport=139 | protocol=6 | dir=out | app=system |
"{69516E60-1F20-4D67-B182-F632351642F2}" = rport=445 | protocol=6 | dir=out | app=system |
"{75D81E4D-A969-48E8-8395-1D8BC28C3790}" = rport=138 | protocol=17 | dir=out | app=system |
"{8F46B38B-2F85-4033-937B-D1B9C0BC09A9}" = rport=137 | protocol=17 | dir=out | app=system |
"{B040D2ED-4D92-4190-AB24-833BE785C9EF}" = lport=137 | protocol=17 | dir=in | app=system |
"{B2D9BA70-016F-416B-9E8B-999914A704AD}" = lport=445 | protocol=6 | dir=in | app=system |
"{B45CE2DB-242B-44FA-8771-091C15C81076}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A866DB3-B8E0-4535-B33E-BF40B2F58DA8}" = protocol=6 | dir=in | app=c:\program files\common files\pplivenetwork\ppap.exe |
"{0F13D6C6-DC82-4F19-8F9E-8EF371113DEA}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{10BF3261-2DC9-4F87-9B84-562182CFE808}" = protocol=1 | dir=in | [email protected],-28543 |
"{232F2929-96F4-4237-BFD5-7091D1B6E956}" = protocol=1 | dir=out | [email protected],-28544 |
"{281AE859-6D54-4ADC-AA9D-D57D39200D8A}" = protocol=17 | dir=in | app=c:\program files\pplive\pptv\pplive.exe |
"{292225C5-7D8B-439A-B215-9FA600202706}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{2C78FD2C-7B5B-4E7E-9010-6E5181D75C3E}" = protocol=17 | dir=in | app=c:\program files\common files\pplivenetwork\ppap.exe |
"{431E95C5-0267-4FCF-B97F-7C9E96AB9AB6}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{46D200A4-B4C0-4B1E-82F5-1E9A86751AAA}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{47E24441-8E57-4F7C-A213-BCC23D5D07F5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{4B2E5B4C-C58F-44DB-A85E-7ECB4B0920EC}" = protocol=6 | dir=in | app=c:\program files\pplive\pptv\ppliveu.exe |
"{52AF3D22-04CE-44C8-91E8-A30B94B48D17}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5DFED821-4D47-492D-86F6-1BD3DD6434DB}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{63E64CCD-9EAA-4469-9A3A-EF4F00BF8FD2}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{66D6F354-EA47-4834-A07C-BDB2A75DE75F}" = protocol=17 | dir=in | app=c:\program files\sogouexplorer\sogouexplorer.exe |
"{6BE05A0F-999E-49A6-AE4C-2FEB77CD363E}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{766910D8-DB4C-41D3-9910-87CE45EC81C3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7736701D-CB7C-41F1-A066-C1A016B9A0E5}" = protocol=17 | dir=in | app=c:\program files\ppliveva\crashupload.exe |
"{79F7CEED-E191-4EDC-9A94-27E22C78AE78}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{7B9834B0-65A7-40DC-A8C7-096CCC929CEF}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{7BF38752-43CE-4AAF-A32B-A0B0B5F85DA4}" = protocol=6 | dir=in | app=c:\program files\ppliveva\crashupload.exe |
"{7EF7DDBE-2889-4ECE-84F4-BFC9FFDF81BF}" = protocol=6 | dir=in | app=c:\program files\pplive\pptv\pplive.exe |
"{85032057-D371-4316-AC9F-F86EEBBC2CE0}" = protocol=6 | dir=in | app=c:\program files\ppliveva\flvpick.exe |
"{85DBC648-B4E8-43EC-96D3-302731DBBD77}" = protocol=17 | dir=in | app=c:\program files\pplive\pptv\ppliveu.exe |
"{8B254F39-D5CE-4E5A-B8C2-DA12DE8C7F59}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{8CAEEFDD-3698-44F8-B784-2BC1B0D52244}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{916BBA0E-8B20-411F-9AB7-57A18A60B94F}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{9791FB74-F1DB-4206-A819-14CE79AD601D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{A1AE2F00-F985-4B14-B965-A0FEA313B308}" = protocol=6 | dir=in | app=c:\program files\ppliveva\download.exe |
"{BBC1C6A2-E367-4D3B-9488-A778C23D9EEE}" = protocol=17 | dir=in | app=c:\program files\ppliveva\download.exe |
"{C309903A-F7F4-495D-A1DA-EF342F06795E}" = protocol=58 | dir=out | [email protected],-28546 |
"{C4B96218-6345-4F10-8009-00744D732BD1}" = protocol=17 | dir=in | app=c:\program files\ppliveva\flvpick.exe |
"{D1415815-7B73-4954-9D1C-6744D6C9E224}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{DA3D0821-9AFC-467A-9833-5586B0F05ABB}" = protocol=17 | dir=in | app=c:\downloads\sopcast-3.2.4\setup-sopcast-3.2.4-2009-7-9.exe |
"{DAB41063-A93B-49BB-9FF2-2B3E913A6A29}" = protocol=58 | dir=in | [email protected],-28545 |
"{DAFDA231-36C0-4B6E-82D2-FC5EF396E893}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{DD156D9A-706F-4581-AE7B-2718E45C9C87}" = protocol=6 | dir=in | app=c:\program files\sogouexplorer\sogouexplorer.exe |
"{DD5DAB70-8BEE-4866-9F61-E92F31F3EF6D}" = protocol=6 | dir=in | app=c:\program files\ppliveva\downloadprogress.exe |
"{DE0C7CA4-0417-42E1-BB5E-B9A05E778F02}" = protocol=6 | dir=in | app=c:\downloads\sopcast-3.2.4\setup-sopcast-3.2.4-2009-7-9.exe |
"{E04AED22-30E6-4F3C-906B-6CC53A1C943C}" = protocol=17 | dir=in | app=c:\program files\ppliveva\downloadprogress.exe |
"{E95B7918-7CBE-4BDB-B9F1-277EAC642A7E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EBC6FD4A-485B-4321-A76A-A1EE9CEF100E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{0C7EC348-4DAD-4E90-8190-8E13CC7C3437}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{0CF06D61-DCC6-4DCF-8FEF-0A6C7102185F}C:\program files\safari\safari.exe" = protocol=6 | dir=in | app=c:\program files\safari\safari.exe |
"TCP Query User{0D6DCF91-FFF7-41D4-81C3-F2A134582E8A}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{32E780AD-0B32-47A6-88B4-1A4756262BD6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{56B8467F-70A0-47E5-9FF5-4CF847C6844A}C:\users\ross\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\ross\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{58212545-D44C-4E17-B79F-AB6EC8F79F76}C:\users\ross\appdata\local\temp\fgcn_548.exe" = protocol=6 | dir=in | app=c:\users\ross\appdata\local\temp\fgcn_548.exe |
"TCP Query User{62E9814B-F2F1-4353-AA2E-C859ED6E0C26}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{6DF515D0-6D67-461D-8FB1-5C7102874A00}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{74AF3B99-12F2-48D3-8F33-EE4E0F7C85F9}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{8C093B79-9C30-41CD-B440-028D4A4BD7D6}C:\program files\srware iron\iron.exe" = protocol=6 | dir=in | app=c:\program files\srware iron\iron.exe |
"TCP Query User{9EE4D575-80E9-47FC-A335-C1FCFB30AB04}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{B8867DF9-F215-4213-AD4A-1AA982E2C3B4}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{BEE56847-0BF7-45DA-9D95-FA47C2364F57}C:\program files\srware iron\iron.exe" = protocol=6 | dir=in | app=c:\program files\srware iron\iron.exe |
"TCP Query User{CD24774A-B0A5-4C81-A675-5BD92930AA01}C:\program files\stormii\stormpop.exe" = protocol=6 | dir=in | app=c:\program files\stormii\stormpop.exe |
"TCP Query User{D09C4D4F-33E3-44CA-AEFF-B78E1851D782}C:\program files\safari\safari.exe" = protocol=6 | dir=in | app=c:\program files\safari\safari.exe |
"TCP Query User{E2C6DEE6-A281-4033-BF87-FCE8A6406DBC}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{F8541D02-C90E-442B-8722-52DB07508E83}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{FFA9E6E5-68F9-408D-91ED-2C519B747227}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{06A5839A-8B4D-46E2-8CF7-959C5FE094E8}C:\program files\stormii\stormpop.exe" = protocol=17 | dir=in | app=c:\program files\stormii\stormpop.exe |
"UDP Query User{0DB53F9B-CB4A-4005-9EE6-4766D9BBCF80}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{18C88ACE-71F6-47AE-AACE-3CA85616FDD0}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"UDP Query User{1905A590-1AE7-46E2-8617-BEC61750DF28}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{249683A8-CE89-4CEE-A825-500C21C38B2F}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{4838F029-B291-4746-8070-95E818595C16}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{6935BF01-B557-4308-8EF5-890C1CF20AF8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{786994AA-0489-42A7-8D2F-CAFE87E7A60A}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{7D07A1A3-96AB-49A3-BD77-DEAFFE8B3B7E}C:\program files\safari\safari.exe" = protocol=17 | dir=in | app=c:\program files\safari\safari.exe |
"UDP Query User{8D319CF1-29F7-4E5A-84E4-4BCF1D531B3D}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{B3CD803D-190D-4AC9-AED5-9FEBE3BFA43B}C:\program files\safari\safari.exe" = protocol=17 | dir=in | app=c:\program files\safari\safari.exe |
"UDP Query User{BA6FD346-8CE5-4BA7-BF11-282A9DF3A065}C:\users\ross\appdata\local\temp\fgcn_548.exe" = protocol=17 | dir=in | app=c:\users\ross\appdata\local\temp\fgcn_548.exe |
"UDP Query User{C3BDBDEB-116F-47C3-B68F-88E7964F73CE}C:\program files\srware iron\iron.exe" = protocol=17 | dir=in | app=c:\program files\srware iron\iron.exe |
"UDP Query User{D1843E1C-7FC1-45C9-A908-B2009A997071}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{EC6A5F43-73AB-4932-B6E3-195EE3D2E002}C:\program files\srware iron\iron.exe" = protocol=17 | dir=in | app=c:\program files\srware iron\iron.exe |
"UDP Query User{EDC25D06-86D2-4A5C-B882-2B8BD1BFCB0B}C:\users\ross\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\ross\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{F1B5DF64-62ED-442D-BC2C-A6C413DD36F5}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{F55C54CF-3D3F-41C6-BEBC-C5C21B4A5553}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}" = Toshiba TEMPRO
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20EAC554-95F9-4926-8D9A-C4FF3EC44C72}" = AVG 2011
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 26
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{695B13B2-7919-4EC5-8601-092F0D2DE069}" = AVG 2011
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1" = SRWare Iron 12.0.750.0
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{E7271ABF-69D3-4E9D-AA0A-2DE34C10A93D}" = TOSHIBA Manuals
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG" = AVG 2011
"CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_14F10000" = HDAUDIO Soft Data Fax Modem with SmartCP
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mira3_00" = Remove MiraScan USB Driver
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"myphotobook" = myphotobook 3.6
"Picasa2" = Picasa 2
"SopCast" = SopCast 3.2.9
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Temp File Cleaner" = Temp File Cleaner
"TVAnts 1.0" = TVAnts 1.0
"Veetle TV" = Veetle TV 0.9.18
"vShare" = vShare Plugin
"Windows Media Encoder 9" = Windows Media Encoder 9 Series

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24/08/2011 07:15:00 | Computer Name = floydy2606 | Source = WinMgmt | ID = 10
Description =

Error - 24/08/2011 07:21:00 | Computer Name = floydy2606 | Source = EventSystem | ID = 4609
Description =

Error - 24/08/2011 07:21:49 | Computer Name = floydy2606 | Source = WinMgmt | ID = 10
Description =

Error - 24/08/2011 07:55:17 | Computer Name = floydy2606 | Source = WinMgmt | ID = 10
Description =

Error - 24/08/2011 08:08:05 | Computer Name = floydy2606 | Source = WinMgmt | ID = 10
Description =

Error - 24/08/2011 08:13:27 | Computer Name = floydy2606 | Source = EventSystem | ID = 4609
Description =

Error - 24/08/2011 08:14:18 | Computer Name = floydy2606 | Source = WinMgmt | ID = 10
Description =

Error - 24/08/2011 10:37:34 | Computer Name = floydy2606 | Source = WinMgmt | ID = 10
Description =

Error - 24/08/2011 12:06:24 | Computer Name = floydy2606 | Source = EventSystem | ID = 4609
Description =

Error - 24/08/2011 12:07:03 | Computer Name = floydy2606 | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 24/08/2011 08:14:19 | Computer Name = floydy2606 | Source = Service Control Manager | ID = 7026
Description =

Error - 24/08/2011 10:29:35 | Computer Name = floydy2606 | Source = DCOM | ID = 10005
Description =

Error - 24/08/2011 12:05:40 | Computer Name = floydy2606 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 15:41:44 on 24/08/2011 was unexpected.

Error - 24/08/2011 12:06:05 | Computer Name = floydy2606 | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 24/08/2011 12:06:17 | Computer Name = floydy2606 | Source = DCOM | ID = 10005
Description =

Error - 24/08/2011 12:06:24 | Computer Name = floydy2606 | Source = DCOM | ID = 10005
Description =

Error - 24/08/2011 12:06:29 | Computer Name = floydy2606 | Source = DCOM | ID = 10005
Description =

Error - 24/08/2011 12:06:29 | Computer Name = floydy2606 | Source = DCOM | ID = 10005
Description =

Error - 24/08/2011 12:07:04 | Computer Name = floydy2606 | Source = Service Control Manager | ID = 7001
Description =

Error - 24/08/2011 12:07:04 | Computer Name = floydy2606 | Source = Service Control Manager | ID = 7026
Description =


< End of report >


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml



Uninstall
Java™ 6 Update 6
Ask Toolbar
McAfee Security Scan Plus
vShare Plugin


Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:OTL
O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [cfFncEnabler.exe] File not found
O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [jswtrayutil] File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKCU..\Run: [FlashGet 3] File not found
O4 - HKCU..\Run: [FlashGetBHO] File not found
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [TOSCDSPD] File not found
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\ross\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\ross\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O9 - Extra Button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O33 - MountPoints2\{0bd228a8-9730-11de-a17a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0bd228a8-9730-11de-a17a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\presetup.EXE
[2011/05/22 21:59:28 | 000,012,910 | -HS- | C] () -- C:\ProgramData\mssfsi1vlq8g1bx8lmkcbl8
[2011/05/22 21:59:27 | 000,012,910 | -HS- | C] () -- C:\Users\ross\AppData\Local\mssfsi1vlq8g1bx8lmkcbl8
[2011/05/21 16:49:07 | 000,011,204 | -HS- | C] () -- C:\Users\ross\AppData\Local\e4p658450oy660al14dx
[2011/05/21 16:49:07 | 000,011,204 | -HS- | C] () -- C:\ProgramData\e4p658450oy660al14dx

:files
C:\Program Files\FlashGet Network
C:\Program Files\Free Download Manager
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
   
:Commands
[purity]
[Reboot]


then right-click on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + V) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered, OTL will reboot the PC when it is done.

Malwarebytes' Anti-Malware
If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy.

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

Right-click on Malwarebytes' Anti-Malware and select Run As Administrator and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

We need to uninstall AVG in order to run the next scan. We will replace it with the free Avast.
Download and save the AVG removal tool
http://download.avg....6_2011_1184.exe
Download and save the free Avast installer.
http://www.avast.com...ivirus-download

Uninstall AVG9

Run the Avg Remover
Reboot

Install Avast. (Register when it asks you - they will try to talk you into buying the full product but the free version is what we want.)



ComboFix





If you have a previous version of Combofix.exe, delete it and download a fresh copy.

It must be saved to your desktop, do not run it.

Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Right-click on ComboFix and select Run As Administrator to start the program.



* Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.

Right click and Run As Administrator the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled and tell me) click save log, save it to your desktop and post in your next reply

If aswMBR crashes, run it again as before but change the a-v scan to None.
Uncheck trace disk IO calls then hit Scan.

Download

http://ad13.geekstogo.com/MBRCheck.exe

Save it and run it by right clicking and Run As Administrator. It will produce a log MBRCheck(date).txt on your desktop. Copy and paste it into a reply.

Open OTL again and post the log.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron

#3
QPR

Thanks for that reply, but I didn't get very far with it.
I cannot find the java icon in the control panel!

#4
QPR


Thanks for that reply, but I didn't get very far with it.
I cannot find the java icon in the control panel!


Is it because I can only use in safe mode?

#5
RKinner

Maybe Java has been removed. Just go on with the next step. If something doesn't work try the next one.

Ron

#6
QPR

Ron, I didn't understand the C and P so did the malware download, on full scan it gets to 8 mins with 8 infections showing and then it either freezes or blue screen then shut down. What do you recommend? Cheers.

#7
RKinner

I'm not sure what the problem is with the C&P. You just copy the stuff in the grey box (highlight the text by putting your mouse at the top left then hold down the mouse button and move the mouse to the bottom right. Let go of the mouse. Then hold down the Ctrl key and press the c key. Let go of both keys. Now open OTL. See the box at the bottom labeled Custom Scans/Fixes? Click on it then hold down the Ctrl key and press the v key. The text you copied should appear. Press the Run Fix button.)

The key thing the C&P was trying to do was to delete these files:

C:\ProgramData\mssfsi1vlq8g1bx8lmkcbl8
C:\Users\ross\AppData\Local\mssfsi1vlq8g1bx8lmkcbl8
C:\Users\ross\AppData\Local\e4p658450oy660al14dx
C:\ProgramData\e4p658450oy660al14dx

Try to delete them manually if you can get the C&P to work.

You can try booting into Safe Mode with networking and see if your other scans work better there:
(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.)

Ron
  • 0
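The four paths named in the reply above share traits that are visible in their OTL file-scan lines: hidden and system attributes, an empty company field, no file extension, and the same name and size under both C:\ProgramData and the user's AppData\Local. As an added example (not part of the original posts and not OTL's own logic), this Python script parses OTL file-entry lines and reports names that match that pattern; the heuristic and the function names are assumptions, and the last two sample lines are constructed benign entries.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# OTL file-scan line layout: [date time | size | attrs | C/M] (company) -- path
ENTRY_RE = re.compile(
    r"^\[(?P<when>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\] "
    r"\((?P<company>.*?)\) -- (?P<path>.+)$"
)

# First four lines are the file entries from the fix script in this thread.
# The last two are constructed benign entries so the filter has something
# to reject.
SAMPLE_LOG = r"""
[2011/05/22 21:59:28 | 000,012,910 | -HS- | C] () -- C:\ProgramData\mssfsi1vlq8g1bx8lmkcbl8
[2011/05/22 21:59:27 | 000,012,910 | -HS- | C] () -- C:\Users\ross\AppData\Local\mssfsi1vlq8g1bx8lmkcbl8
[2011/05/21 16:49:07 | 000,011,204 | -HS- | C] () -- C:\Users\ross\AppData\Local\e4p658450oy660al14dx
[2011/05/21 16:49:07 | 000,011,204 | -HS- | C] () -- C:\ProgramData\e4p658450oy660al14dx
[2011/08/24 20:00:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\ross\Downloads\OTL.exe
[2011/08/20 09:12:00 | 000,000,402 | -HS- | C] () -- C:\Users\ross\AppData\Local\desktop.ini
"""


def parse_entries(text):
    """Return one dict per OTL file-entry line; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        entries.append({
            "when": m["when"],
            "size": int(m["size"].replace(",", "")),
            "attrs": m["attrs"],
            "company": m["company"].strip(),
            "path": m["path"].strip(),
        })
    return entries


def flag_paired_hidden_files(entries):
    """Heuristic (an assumption, taken from what the thread's four entries
    have in common): hidden+system, no company name, no extension, and the
    same file name present in at least two different directories."""
    by_name = defaultdict(list)
    for e in entries:
        p = PureWindowsPath(e["path"])
        if {"H", "S"} <= set(e["attrs"]) and not e["company"] and not p.suffix:
            by_name[p.name.lower()].append(e)

    findings = {}
    for name, group in by_name.items():
        dirs = {str(PureWindowsPath(e["path"]).parent).lower() for e in group}
        if len(dirs) >= 2:
            findings[name] = {
                "paths": sorted(e["path"] for e in group),
                "same_size": len({e["size"] for e in group}) == 1,
            }
    return findings


if __name__ == "__main__":
    for name, info in flag_paired_hidden_files(parse_entries(SAMPLE_LOG)).items():
        print(name, "same size:", info["same_size"])
        for path in info["paths"]:
            print("   ", path)
```

A match is only a reason to look at the file more closely; the two constructed lines show that a vendor-signed executable and a hidden `desktop.ini` are not reported.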

#8
QPR

Nothing happens when I hold down the Ctrl key and press the c key.
What is OTL, and how would I get rid manually?
Cheers.

#9
RKinner

Nothing is supposed to happen. It just copies the selected text to a section of memory called the clipboard. OTL is the program you ran in order to create the two logs. You need to run it again. If you have lost it you can download it from:
http://www.geekstogo...timers-list-it/
and Save it to your desktop.
  • 0

#10
QPR

QPR

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Did the quick scan after deleting those files:
=================================================
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7569

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.19088

26/08/2011 10:18:57
mbam-log-2011-08-26 (10-18-57).txt

Scan type: Quick scan
Objects scanned: 156887
Time elapsed: 5 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
  • 0

#11
QPR

QPR

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
I installed Avast after uninstalling AVG, but it says it isn't working, but I turned it off anyway.
And when I tried to start ComboFix it said 2 AVG programs were still on and NOT to click OK, so I ran that AVG tool again and I can't see the program still in the control panel. Shall I run the ComboFix?
Cheers for helping me.
  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Yes. Sometimes WMI gets confused and still reports that AVG is installed when it isn't.
  • 0
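
The leftover registration described in the reply above can be checked directly against what Windows Security Center holds in WMI. The following PowerShell is an added example, not part of the original posts; it assumes Vista SP1 or later (where the namespace is `root\SecurityCenter2`) and treats a registered executable that is missing from disk as the sign of a stale entry, which is a heuristic rather than proof.

```powershell
# Added example: list the antivirus / antispyware products registered with
# Windows Security Center and flag entries whose executable no longer exists.
# Assumption: Vista SP1 or later, so the WMI namespace is root\SecurityCenter2.
# Read-only: nothing is changed or removed.

$namespace = 'root\SecurityCenter2'
$classes   = 'AntiVirusProduct', 'AntiSpywareProduct'

$report = foreach ($class in $classes) {
    $entries = Get-WmiObject -Namespace $namespace -Class $class -ErrorAction SilentlyContinue
    foreach ($entry in $entries) {
        # The registered path may be quoted or contain environment variables.
        $exe = $entry.pathToSignedProductExe
        if ($exe) {
            $exe = [Environment]::ExpandEnvironmentVariables($exe).Trim('"')
        }

        # Heuristic: a product that was really uninstalled leaves no executable behind.
        $onDisk = $false
        if ($exe) {
            $onDisk = [bool](Test-Path -LiteralPath $exe -ErrorAction SilentlyContinue)
        }

        New-Object PSObject -Property @{
            Class  = $class
            Name   = $entry.displayName
            Guid   = $entry.instanceGuid
            Exe    = $exe
            OnDisk = $onDisk
        }
    }
}

# Full picture first, then only the registrations that look stale.
$report | Sort-Object Class, Name | Format-Table Class, Name, Guid, OnDisk, Exe -AutoSize

$stale = @($report | Where-Object { -not $_.OnDisk })
if ($stale.Count -gt 0) {
    Write-Output "Registered with Security Center but not found on disk (likely leftovers):"
    $stale | ForEach-Object { Write-Output ("  {0}  {1}" -f $_.Name, $_.Guid) }
} else {
    Write-Output "Every registered product still has its executable on disk."
}
```

An entry that is listed here but has no executable on disk matches the situation in the thread, where the product is gone from the Control Panel yet is still reported as present.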

#13
QPR

QPR

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
ComboFix 11-08-26.04 - ross 26/08/2011 15:09:17.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.955.279 [GMT 1:00]
Running from: c:\users\ross\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: STOPzilla Anti-Spyware *Disabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\360Rec
c:\program files\StormII
c:\program files\StormII\Codec\QTSystem\QuickTime.qtp
c:\users\ross\AppData\Local\lkifgctr.dat
c:\users\ross\AppData\Local\lkifgctr_nav.dat
c:\users\ross\AppData\Local\lkifgctr_navps.dat
c:\users\ross\AppData\Roaming\BITS
c:\users\ross\AppData\Roaming\BITS\BITS.ini
c:\users\ross\AppData\Roaming\BITS\UPnP.ini
c:\windows\Downloaded Program Files\Install.inf
c:\windows\system32\Nagasoft
c:\windows\system32\Nagasoft\Codecs\asyncflt.ax
c:\windows\system32\Nagasoft\Codecs\atrc.dll
c:\windows\system32\Nagasoft\Codecs\cook.dll
c:\windows\system32\Nagasoft\Codecs\drvc.dll
c:\windows\system32\Nagasoft\Codecs\raac.dll
c:\windows\system32\Nagasoft\Codecs\RealMediaSplitter.ax
c:\windows\system32\Nagasoft\Codecs\WMFDemux.dll
c:\windows\system32\Nagasoft\GifShower.dll
c:\windows\system32\Nagasoft\vjocx.dll
c:\windows\system32\no
c:\windows\system32\no\toscdspd.cpl.mui
c:\windows\system32\nsis_loader.dll
c:\windows\system32\SV
c:\windows\system32\SV\toscdspd.cpl.mui
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_vvdsvc
-------\Service_vvdsvc
.
.
((((((((((((((((((((((((( Files Created from 2011-07-26 to 2011-08-26 )))))))))))))))))))))))))))))))
.
.
2011-08-26 14:14 . 2011-08-26 14:19 -------- d-----w- c:\users\ross\AppData\Local\temp
2011-08-26 09:44 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-08-26 09:44 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-26 09:44 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-08-26 09:44 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-08-26 09:44 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-26 09:44 . 2011-07-04 11:32 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-26 09:43 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-08-26 09:43 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-08-26 09:43 . 2011-08-26 09:43 -------- d-----w- c:\programdata\AVAST Software
2011-08-26 09:43 . 2011-08-26 09:43 -------- d-----w- c:\program files\AVAST Software
2011-08-26 08:52 . 2011-08-26 08:52 -------- d-----w- C:\_OTL
2011-08-25 22:15 . 2011-08-26 00:47 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2011-08-25 21:36 . 2011-08-26 09:37 -------- d-----w- c:\programdata\STOPzilla!
2011-08-23 14:27 . 2011-08-23 14:42 -------- d-----w- c:\programdata\PCPitstop
2011-08-23 08:58 . 2011-08-23 08:58 -------- d-----w- c:\program files\Trend Micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-17 13:32 . 2011-07-17 13:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-06 18:52 . 2011-04-21 11:30 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 18:52 . 2011-04-21 11:30 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-02 13:34 . 2011-07-13 09:43 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-06-23 17:07 . 2011-04-22 07:47 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-25 30192]
"Toshiba TEMPO"="c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-06-24 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-05-09 716800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-06 1047656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
c:\users\ross\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R1 MpKsl3c25b474;MpKsl3c25b474;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EDCAF631-F3EF-482E-BEFF-7DB68E41D53C}\MpKsl3c25b474.sys [x]
R1 MpKsl44ea8968;MpKsl44ea8968;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B944173-9709-488B-A777-60B11DCECF54}\MpKsl44ea8968.sys [x]
R1 MpKsl4991b58e;MpKsl4991b58e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A63E2EF4-72E0-4B0E-8B43-AF36BD05EEFB}\MpKsl4991b58e.sys [x]
R1 MpKsl4cc73f51;MpKsl4cc73f51;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F5EC5E18-CA4D-4E50-BE4F-77665CD3FEC8}\MpKsl4cc73f51.sys [x]
R1 MpKsl534adb35;MpKsl534adb35;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C2257FC-8847-47E9-88B2-B1A035AFCE16}\MpKsl534adb35.sys [x]
R1 MpKsl5925202e;MpKsl5925202e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AE70E563-CF33-4FFF-AFAD-6BD7C0E1A6EF}\MpKsl5925202e.sys [x]
R1 MpKsl66c1280a;MpKsl66c1280a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B67871A6-513D-456E-BEA7-63E5AE7E00E6}\MpKsl66c1280a.sys [x]
R1 MpKsl7353d07b;MpKsl7353d07b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA90BD97-522E-4251-832D-5E97C914C363}\MpKsl7353d07b.sys [x]
R1 MpKsl798f7c79;MpKsl798f7c79;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A350502-24CA-4287-A38B-D442CD471790}\MpKsl798f7c79.sys [x]
R1 MpKsl81885dd5;MpKsl81885dd5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C350655C-900C-4FE7-BF64-1853F4AEFE20}\MpKsl81885dd5.sys [x]
R1 MpKsl864b5044;MpKsl864b5044;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12355509-673C-4CCF-89F0-F2A6690B952A}\MpKsl864b5044.sys [x]
R1 MpKsl87ed1aa5;MpKsl87ed1aa5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EDCAF631-F3EF-482E-BEFF-7DB68E41D53C}\MpKsl87ed1aa5.sys [x]
R1 MpKsl9277ada3;MpKsl9277ada3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12355509-673C-4CCF-89F0-F2A6690B952A}\MpKsl9277ada3.sys [x]
R1 MpKsla5955697;MpKsla5955697;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA90BD97-522E-4251-832D-5E97C914C363}\MpKsla5955697.sys [x]
R1 MpKslabc9583c;MpKslabc9583c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B67871A6-513D-456E-BEA7-63E5AE7E00E6}\MpKslabc9583c.sys [x]
R1 MpKslada6544c;MpKslada6544c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B67871A6-513D-456E-BEA7-63E5AE7E00E6}\MpKslada6544c.sys [x]
R1 MpKslcd39b728;MpKslcd39b728;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{432918B1-B424-422C-8698-A673BA1C7D8C}\MpKslcd39b728.sys [x]
R1 MpKsld1f02457;MpKsld1f02457;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A350502-24CA-4287-A38B-D442CD471790}\MpKsld1f02457.sys [x]
R1 MpKsldd0d01d6;MpKsldd0d01d6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EDCAF631-F3EF-482E-BEFF-7DB68E41D53C}\MpKsldd0d01d6.sys [x]
R1 MpKsldf12c5a5;MpKsldf12c5a5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F5EC5E18-CA4D-4E50-BE4F-77665CD3FEC8}\MpKsldf12c5a5.sys [x]
R1 MpKsle1031b13;MpKsle1031b13;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{432918B1-B424-422C-8698-A673BA1C7D8C}\MpKsle1031b13.sys [x]
R1 MpKslf44edd9e;MpKslf44edd9e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B944173-9709-488B-A777-60B11DCECF54}\MpKslf44edd9e.sys [x]
R1 MpKslfd82124c;MpKslfd82124c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B67871A6-513D-456E-BEA7-63E5AE7E00E6}\MpKslfd82124c.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2011-02-20 73728]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-25 30192]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\Jumpstart\jswpsapi.exe [2008-04-16 954368]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-04-28 20384]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2011-06-30 3029208]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960]
S2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-02-06 126976]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
vvdsvc REG_MULTI_SZ vvdsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 08:35]
.
2011-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 08:35]
.
2011-08-26 c:\windows\Tasks\User_Feed_Synchronization-{B47339CA-7745-4F6B-BF83-E9EB27DE643B}.job
- c:\windows\system32\msfeedssync.exe [2011-06-16 04:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bigseekpro.com/tempcleaner/{A0097B9C-6F50-4E17-8411-CC640E27BABE}
mStart Page = hxxp://www.bigseekpro.com/tempcleaner/{A0097B9C-6F50-4E17-8411-CC640E27BABE}
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.254
DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} - hxxp://p3p.sogou.com/MMCShell.cab
DPF: {69731714-6886-4587-A9AA-D80C2763884D} - hxxp://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab
DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} - hxxp://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll
DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} - hxxp://dl.pplive.com/PluginSetup.cab
FF - ProfilePath - c:\users\ross\AppData\Roaming\Mozilla\Firefox\Profiles\wsk5pso3.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\Ask.com\GenericAskToolbar.dll
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\WLANExt.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\RacAgent.exe
.
**************************************************************************
.
Completion time: 2011-08-26 15:35:03 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-26 14:31
.
Pre-Run: 41,083,379,712 bytes free
Post-Run: 39,810,109,440 bytes free
.
- - End Of File - - BA425F97CFA623DF6B356A58B2CD1107
  • 0

#14
QPR

QPR

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
2011/08/26 15:49:53.0218 1700 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/26 15:49:53.0407 1700 ================================================================================
2011/08/26 15:49:53.0407 1700 SystemInfo:
2011/08/26 15:49:53.0408 1700
2011/08/26 15:49:53.0408 1700 OS Version: 6.0.6002 ServicePack: 2.0
2011/08/26 15:49:53.0408 1700 Product type: Workstation
2011/08/26 15:49:53.0408 1700 ComputerName: FLOYDY2606
2011/08/26 15:49:53.0408 1700 UserName: ross
2011/08/26 15:49:53.0408 1700 Windows directory: C:\Windows
2011/08/26 15:49:53.0408 1700 System windows directory: C:\Windows
2011/08/26 15:49:53.0408 1700 Processor architecture: Intel x86
2011/08/26 15:49:53.0408 1700 Number of processors: 2
2011/08/26 15:49:53.0408 1700 Page size: 0x1000
2011/08/26 15:49:53.0408 1700 Boot type: Safe boot with network
2011/08/26 15:49:53.0408 1700 ================================================================================
2011/08/26 15:49:54.0167 1700 Initialize success
2011/08/26 15:49:58.0699 2032 ================================================================================
2011/08/26 15:49:58.0699 2032 Scan started
2011/08/26 15:49:58.0699 2032 Mode: Manual;
2011/08/26 15:49:58.0699 2032 ================================================================================
2011/08/26 15:50:08.0129 2032 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/08/26 15:50:08.0158 2032 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/08/26 15:50:08.0200 2032 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/08/26 15:50:08.0225 2032 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/08/26 15:50:08.0252 2032 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/08/26 15:50:08.0355 2032 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/08/26 15:50:08.0416 2032 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/08/26 15:50:08.0462 2032 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/08/26 15:50:08.0495 2032 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/08/26 15:50:08.0558 2032 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/08/26 15:50:08.0615 2032 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\DRIVERS\pciide.sys
2011/08/26 15:50:08.0656 2032 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/08/26 15:50:08.0727 2032 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/08/26 15:50:08.0870 2032 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/08/26 15:50:08.0909 2032 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/08/26 15:50:08.0977 2032 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/08/26 15:50:09.0007 2032 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
2011/08/26 15:50:09.0086 2032 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/08/26 15:50:09.0140 2032 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/08/26 15:50:09.0180 2032 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/08/26 15:50:09.0222 2032 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/08/26 15:50:09.0268 2032 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/08/26 15:50:09.0320 2032 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/08/26 15:50:09.0351 2032 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/08/26 15:50:09.0403 2032 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/08/26 15:50:09.0436 2032 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/08/26 15:50:09.0485 2032 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/08/26 15:50:09.0540 2032 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/08/26 15:50:09.0603 2032 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/08/26 15:50:09.0688 2032 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/08/26 15:50:09.0750 2032 RTL8169 (7157e70a90cce49deb8885d23a073a39) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/08/26 15:50:09.0786 2032 RTSTOR (9ff7d9cf3a5f296613588b0e8db83afe) C:\Windows\system32\drivers\RTSTOR.SYS
2011/08/26 15:50:09.0832 2032 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/08/26 15:50:09.0898 2032 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/08/26 15:50:09.0947 2032 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/08/26 15:50:09.0975 2032 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/08/26 15:50:10.0003 2032 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/08/26 15:50:10.0054 2032 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/08/26 15:50:10.0098 2032 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/08/26 15:50:10.0120 2032 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/08/26 15:50:10.0152 2032 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/08/26 15:50:10.0213 2032 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/08/26 15:50:10.0236 2032 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/08/26 15:50:10.0274 2032 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/08/26 15:50:10.0340 2032 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/08/26 15:50:10.0392 2032 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/08/26 15:50:10.0477 2032 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/08/26 15:50:10.0521 2032 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/08/26 15:50:10.0619 2032 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/08/26 15:50:10.0689 2032 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/08/26 15:50:10.0740 2032 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/08/26 15:50:10.0770 2032 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/08/26 15:50:10.0808 2032 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/08/26 15:50:10.0852 2032 SynTP (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
2011/08/26 15:50:10.0950 2032 Tcpip (6a10afce0b38371064be41c1fbfd3c6b) C:\Windows\system32\drivers\tcpip.sys
2011/08/26 15:50:11.0027 2032 Tcpip6 (6a10afce0b38371064be41c1fbfd3c6b) C:\Windows\system32\DRIVERS\tcpip.sys
2011/08/26 15:50:11.0067 2032 tcpipreg (9bf343f4c878d6ad6922b2c5a4fefe0d) C:\Windows\system32\drivers\tcpipreg.sys
2011/08/26 15:50:11.0183 2032 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
2011/08/26 15:50:11.0219 2032 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/08/26 15:50:11.0240 2032 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/08/26 15:50:11.0294 2032 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/08/26 15:50:11.0351 2032 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/08/26 15:50:11.0484 2032 tos_sps32 (4399a9bf7d8f49991a07fd86590a1619) C:\Windows\system32\DRIVERS\tos_sps32.sys
2011/08/26 15:50:11.0579 2032 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/08/26 15:50:11.0623 2032 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/08/26 15:50:11.0708 2032 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/08/26 15:50:11.0750 2032 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
2011/08/26 15:50:11.0795 2032 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/08/26 15:50:11.0844 2032 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/08/26 15:50:11.0914 2032 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/08/26 15:50:11.0947 2032 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/08/26 15:50:11.0975 2032 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/08/26 15:50:12.0012 2032 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/08/26 15:50:12.0046 2032 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/08/26 15:50:12.0105 2032 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/08/26 15:50:12.0153 2032 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/08/26 15:50:12.0212 2032 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/08/26 15:50:12.0268 2032 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/08/26 15:50:12.0313 2032 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/08/26 15:50:12.0346 2032 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/08/26 15:50:12.0395 2032 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/08/26 15:50:12.0462 2032 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/08/26 15:50:12.0518 2032 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/08/26 15:50:12.0567 2032 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/08/26 15:50:12.0624 2032 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/08/26 15:50:12.0654 2032 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/08/26 15:50:12.0704 2032 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/08/26 15:50:12.0739 2032 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/08/26 15:50:12.0767 2032 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/08/26 15:50:12.0814 2032 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/08/26 15:50:12.0862 2032 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/08/26 15:50:12.0916 2032 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/08/26 15:50:12.0979 2032 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/08/26 15:50:13.0036 2032 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/08/26 15:50:13.0084 2032 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/26 15:50:13.0101 2032 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/26 15:50:13.0162 2032 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/08/26 15:50:13.0213 2032 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/26 15:50:13.0351 2032 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/08/26 15:50:13.0469 2032 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
2011/08/26 15:50:13.0594 2032 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/08/26 15:50:13.0622 2032 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/26 15:50:13.0709 2032 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/26 15:50:13.0773 2032 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
2011/08/26 15:50:13.0836 2032 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/08/26 15:50:13.0859 2032 Boot (0x1200) (2eba9a103e7c9958bf5f5b154b6a2242) \Device\Harddisk0\DR0\Partition0
2011/08/26 15:50:13.0911 2032 Boot (0x1200) (419a657081c9e6359927d4351d54010d) \Device\Harddisk0\DR0\Partition1
2011/08/26 15:50:13.0918 2032 ================================================================================
2011/08/26 15:50:13.0918 2032 Scan finished
2011/08/26 15:50:13.0918 2032 ================================================================================
2011/08/26 15:50:13.0940 0884 Detected object count: 0
2011/08/26 15:50:13.0940 0884 Actual detected object count: 0

#15
QPR

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-08-26 15:51:34
-----------------------------
15:51:34.302 OS Version: Windows 6.0.6002 Service Pack 2
15:51:34.302 Number of processors: 2 586 0xF0D
15:51:34.303 ComputerName: FLOYDY2606 UserName: ross
15:52:07.285 Initialize success
15:52:08.172 AVAST engine defs: 11070401
15:52:35.813 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:52:35.816 Disk 0 Vendor: ST916031 SD56 Size: 152627MB BusType: 3
15:52:36.090 Disk 0 MBR read successfully
15:52:36.093 Disk 0 MBR scan
15:52:36.614 Disk 0 Windows VISTA default MBR code
15:52:36.645 Disk 0 scanning sectors +312579760
15:52:37.486 Disk 0 scanning C:\Windows\system32\drivers
15:52:57.181 Service scanning
15:52:58.734 Modules scanning
15:53:03.271 Disk 0 trace - called modules:
15:53:03.305 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:53:03.310 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84da1558]
15:53:03.316 3 CLASSPNP.SYS[863148b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x842b8028]
15:53:03.716 AVAST engine scan C:\Windows
15:53:07.269 AVAST engine scan C:\Windows\system32
15:55:04.831 AVAST engine scan C:\Windows\system32\drivers
15:55:14.615 AVAST engine scan C:\Users\ross
16:00:02.288 AVAST engine scan C:\ProgramData
16:01:32.854 Scan finished successfully
16:05:25.267 Disk 0 MBR has been saved successfully to "C:\Users\ross\Downloads\MBR.dat"
16:05:25.466 The log file has been saved successfully to "C:\Users\ross\Downloads\aswMBR.txt"


The Fix button was not enabled.