Computer ran fine (although slow), now barely runs internet [Solved]


  • This topic is locked

#1
pctrouble

  • Member
  • 27 posts
My laptop was working pretty decently. It's old, so it was slower than a nicer one, but it went online to surf and get email just fine. All of a sudden it will barely let me get my email. I've run MalwareBytes and CCleaner, as well as a virus scan. Nothing comes up, but I can't imagine that it wouldn't be some form of malware, etc. plugging up the works. I'm not getting any error messages, but I do get a lot of lag when trying to open browser windows, etc.

OTL logfile created on: 12/2/2012 6:13:45 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Nick Slocumb\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.37 Mb Total Physical Memory | 202.59 Mb Available Physical Memory | 19.97% Memory free
2.38 Gb Paging File | 1.67 Gb Available in Paging File | 70.10% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 54.48 Gb Total Space | 36.98 Gb Free Space | 67.88% Space Free | Partition Type: NTFS

Computer Name: MOPAR | User Name: Nick Slocumb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/02 18:13:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nick Slocumb\My Documents\Downloads\OTL.exe
PRC - [2012/11/13 21:11:00 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/11/06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2011/12/06 16:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/12/06 16:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/08 13:18:04 | 000,995,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/10/08 13:15:50 | 000,356,352 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/10/08 13:13:36 | 001,101,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/10/08 13:09:26 | 000,659,456 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/05/10 09:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/13 21:10:59 | 000,460,904 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\ppgooglenaclpluginchrome.dll
MOD - [2012/11/13 21:10:58 | 012,456,040 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\PepperFlash\pepflashplayer.dll
MOD - [2012/11/13 21:10:57 | 004,008,040 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\pdf.dll
MOD - [2012/11/13 21:10:12 | 000,587,880 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\libglesv2.dll
MOD - [2012/11/13 21:10:11 | 000,124,520 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\libegl.dll
MOD - [2012/11/13 21:10:04 | 000,157,304 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\avutil-51.dll
MOD - [2012/11/13 21:10:03 | 000,275,576 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\avformat-54.dll
MOD - [2012/11/13 21:10:02 | 002,168,952 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\avcodec-54.dll
MOD - [2011/12/06 16:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011/12/06 16:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/10/08 13:03:22 | 000,245,760 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/05/17 13:42:26 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/10/09 12:22:37 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/12/06 16:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2007/10/08 13:15:50 | 000,356,352 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2007/09/26 05:01:32 | 002,236,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32)
DRV - [2007/08/27 10:10:36 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/05/10 09:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/11/21 03:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/14 23:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 18:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 16:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {44F3C38A-0AE2-42FF-96EC-5ECB6BF2C31D}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{44F3C38A-0AE2-42FF-96EC-5ECB6BF2C31D}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)



========== Chrome ==========

CHR - homepage: http://www.yahoo.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.yahoo.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.91\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Reddit Enhancement Suite = C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2001/08/23 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D626837E-B2D0-49F7-BB7D-E01B49ADE995}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/09/27 14:50:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8d009175-ebdd-11e1-857c-0015c5a3dfc9}\Shell - "" = AutoRun
O33 - MountPoints2\{8d009175-ebdd-11e1-857c-0015c5a3dfc9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8d009175-ebdd-11e1-857c-0015c5a3dfc9}\Shell\AutoRun\command - "" = F:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/02 18:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick Slocumb\Application Data\AVG2013
[2012/12/02 18:06:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2012/12/02 18:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick Slocumb\Application Data\TuneUp Software
[2012/12/02 18:06:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/12/02 18:05:45 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/12/02 18:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2012/12/02 18:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/12/02 17:58:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/12/02 17:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\MFAData
[2012/12/02 17:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/12/02 17:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Avg2013
[2012/12/02 17:55:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nick Slocumb\Recent
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/02 18:30:55 | 000,436,276 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/12/02 18:30:55 | 000,069,006 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/02 18:24:54 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-484763869-839522115-1003UA.job
[2012/12/02 18:24:28 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/12/02 18:22:21 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/02 18:06:43 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2012/12/02 17:55:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/02 17:53:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/02 17:50:29 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/11/29 08:16:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-484763869-839522115-1003Core.job
[2012/11/29 07:37:02 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\MotoHelper Routing.job
[2012/11/13 20:21:49 | 000,276,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/11/03 07:12:42 | 000,119,797 | ---- | M] () -- C:\Documents and Settings\Nick Slocumb\Desktop\PrintPage.pdf
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/02 18:06:42 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2012/11/03 07:12:41 | 000,119,797 | ---- | C] () -- C:\Documents and Settings\Nick Slocumb\Desktop\PrintPage.pdf
[2012/10/28 12:07:21 | 001,508,744 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/10/28 11:55:38 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2012/02/15 10:25:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/28 12:17:05 | 000,000,713 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2011/09/28 11:51:48 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2011/09/27 23:37:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2011/09/27 23:24:32 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/27 23:16:44 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/09/27 15:13:24 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll
[2011/09/27 14:53:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/09/27 14:46:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/09/27 10:36:46 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/09/27 10:35:28 | 000,276,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2011/09/28 13:11:14 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/12/02 17:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/12/02 18:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2012/04/01 08:13:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/12/02 17:58:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/12/02 18:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/10/28 12:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soluto
[2012/12/02 18:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick Slocumb\Application Data\AVG2013
[2012/08/14 18:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick Slocumb\Application Data\Magic Set Editor
[2012/09/22 06:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick Slocumb\Application Data\Motorola
[2012/10/30 15:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick Slocumb\Application Data\SystemRequirementsLab
[2012/10/28 10:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick Slocumb\Application Data\TFP
[2012/12/02 18:06:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick Slocumb\Application Data\TuneUp Software
[2012/07/04 16:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick Slocumb\Application Data\Unity

========== Purity Check ==========



< End of report >


#2
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next. If you have any problems with these, just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo

#3
pctrouble

  • Topic Starter
  • Member
  • 27 posts
Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus 2013
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
CCleaner
Java™ 6 Update 37
Java version out of Date!
Adobe Flash Player 11.4.402.287
Adobe Reader 10.1.4 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 0%
````````````````````End of Log``````````````````````

# AdwCleaner v2.011 - Logfile created 12/02/2012 at 21:11:05
# Updated 02/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Nick Slocumb - MOPAR
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Nick Slocumb\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.95

File : C:\Documents and Settings\Nick Slocumb\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [866 octets] - [02/12/2012 19:05:52]
AdwCleaner[S2].txt - [798 octets] - [02/12/2012 21:11:05]

########## EOF - C:\AdwCleaner[S2].txt - [857 octets] ##########

RogueKiller V8.3.1 [Dec 2 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Nick Slocumb [Admin rights]
Mode : Remove -- Date : 12/02/2012 21:16:35

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS541060G9SA00 +++++
--- User ---
[MBR] 134fb9fc0775fd7e8ea7a6a0071cf338
[BSP] ae203e84dcb456630d870d8f3155a2b5 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 55788 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12022012_02d2116.txt >>
RKreport[1]_S_12022012_02d2116.txt ; RKreport[2]_D_12022012_02d2116.txt

#4
pctrouble

I saw that it needed updates, so I am currently updating the Java and Adobe Reader.

#5
gringo_pr

    Trusted Helper

  • Malware Removal
Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#6
pctrouble

ComboFix 12-12-02.01 - Nick Slocumb 12/02/2012 21:39:30.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.458 [GMT -5:00]
Running from: c:\documents and settings\Nick Slocumb\My Documents\Downloads\ComboFix.exe
AV: AVG Anti-Virus 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Nick Slocumb\WINDOWS
c:\windows\system32\AegisI5Installer.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-03 to 2012-12-03 )))))))))))))))))))))))))))))))
.
.
2012-12-03 02:23 . 2012-12-03 02:23 -------- d-----w- c:\program files\Common Files\Java
2012-12-03 02:23 . 2012-12-03 02:22 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-02 23:07 . 2012-12-02 23:07 -------- d-----w- c:\documents and settings\Nick Slocumb\Application Data\AVG2013
2012-12-02 23:07 . 2012-12-02 23:07 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013
2012-12-02 23:06 . 2012-12-02 23:06 -------- d-----w- c:\documents and settings\Nick Slocumb\Application Data\TuneUp Software
2012-12-02 23:05 . 2012-12-02 23:07 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2013
2012-12-02 23:05 . 2012-12-02 23:05 -------- d-----w- C:\$AVG
2012-12-02 23:04 . 2012-12-02 23:04 -------- d-----w- c:\program files\AVG
2012-12-02 22:58 . 2012-12-02 22:58 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2012-12-02 22:58 . 2012-12-03 00:11 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2012-12-02 22:58 . 2012-12-02 22:58 -------- d-----w- c:\documents and settings\Nick Slocumb\Local Settings\Application Data\MFAData
2012-12-02 22:58 . 2012-12-02 22:58 -------- d-----w- c:\documents and settings\Nick Slocumb\Local Settings\Application Data\Avg2013
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-03 02:22 . 2012-10-18 11:33 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-12-03 02:22 . 2012-10-18 11:33 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-12-03 02:22 . 2011-09-28 16:16 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-22 18:02 . 2012-10-22 18:02 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-10-22 08:37 . 2004-08-04 03:17 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-15 08:48 . 2012-10-15 08:48 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-10-09 17:22 . 2012-07-17 16:26 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 17:22 . 2011-10-09 01:16 73656 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-05 08:32 . 2012-10-05 08:32 93536 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-10-02 18:04 . 2004-08-04 04:56 58368 ----a-w- c:\windows\system32\synceng.dll
2012-10-02 08:30 . 2012-10-02 08:30 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-09-29 23:54 . 2012-06-24 01:11 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-21 08:46 . 2012-09-21 08:46 164832 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-09-21 08:46 . 2012-09-21 08:46 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys
2012-09-21 08:45 . 2012-09-21 08:45 19936 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2012-09-14 08:05 . 2012-09-14 08:05 35552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-03-31 138008]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-03-30 138008]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 995328]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 1101824]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-03-31 162584]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-07 3143800]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Documents and Settings^Nick Slocumb^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Nick Slocumb\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 23:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2012-01-04 07:47 6497592 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Documents and Settings\\Nick Slocumb\\My Documents\\Downloads\\solutoinstaller-Sg8z5F0Aij_u55554387.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [10/15/2012 3:48 AM 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [9/21/2012 3:46 AM 177376]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/14/2012 3:05 AM 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [10/22/2012 1:02 PM 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [9/21/2012 3:45 AM 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/2/2012 3:30 AM 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [9/21/2012 3:46 AM 164832]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [10/22/2012 1:05 PM 196664]
R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [12/6/2011 4:00 PM 214896]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [11/6/2012 7:00 PM 5814392]
S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
*Deregistered* - TrueSight
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-17 17:22]
.
2012-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-484763869-839522115-1003Core.job
- c:\documents and settings\Nick Slocumb\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-20 12:01]
.
2012-12-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-484763869-839522115-1003UA.job
- c:\documents and settings\Nick Slocumb\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-20 12:01]
.
2012-10-22 c:\windows\Tasks\MotoHelper MUM.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2012-11-29 c:\windows\Tasks\MotoHelper Routing.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2012-10-22 c:\windows\Tasks\MotoHelper Update.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
.
- - - - ORPHANS REMOVED - - - -
.
Notify-NavLogon - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-02 21:43
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1112)
c:\windows\system32\netprovcredman.dll
.
Completion time: 2012-12-02 21:45:09
ComboFix-quarantined-files.txt 2012-12-03 02:45
.
Pre-Run: 39,168,385,024 bytes free
Post-Run: 39,280,664,576 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 273F27897C56276732841C16B01A6B22

#7
pctrouble

Had no issues running ComboFix. Computer actually seems to be running better than it has been.

#8
gringo_pr

    Trusted Helper

  • Malware Removal
Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#9
pctrouble

21:56:49.0484 0788 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:56:50.0031 0788 ============================================================
21:56:50.0031 0788 Current date / time: 2012/12/02 21:56:50.0031
21:56:50.0031 0788 SystemInfo:
21:56:50.0031 0788
21:56:50.0031 0788 OS Version: 5.1.2600 ServicePack: 3.0
21:56:50.0031 0788 Product type: Workstation
21:56:50.0031 0788 ComputerName: MOPAR
21:56:50.0031 0788 UserName: Nick Slocumb
21:56:50.0031 0788 Windows directory: C:\WINDOWS
21:56:50.0031 0788 System windows directory: C:\WINDOWS
21:56:50.0031 0788 Processor architecture: Intel x86
21:56:50.0031 0788 Number of processors: 2
21:56:50.0031 0788 Page size: 0x1000
21:56:50.0031 0788 Boot type: Normal boot
21:56:50.0031 0788 ============================================================
21:56:52.0296 0788 Drive \Device\Harddisk0\DR0 - Size: 0xD9F411200 (54.49 Gb), SectorSize: 0x200, Cylinders: 0x1BC9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:56:52.0296 0788 ============================================================
21:56:52.0296 0788 \Device\Harddisk0\DR0:
21:56:52.0296 0788 MBR partitions:
21:56:52.0296 0788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6CF6189
21:56:52.0296 0788 ============================================================
21:56:52.0328 0788 C: <-> \Device\Harddisk0\DR0\Partition1
21:56:52.0328 0788 ============================================================
21:56:52.0328 0788 Initialize success
21:56:52.0328 0788 ============================================================
21:56:53.0984 2836 ============================================================
21:56:53.0984 2836 Scan started
21:56:53.0984 2836 Mode: Manual;
21:56:53.0984 2836 ============================================================
21:56:55.0593 2836 ================ Scan system memory ========================
21:56:58.0046 2836 System memory - ok
21:56:58.0046 2836 ================ Scan services =============================
21:56:58.0140 2836 Abiosdsk - ok
21:56:58.0140 2836 abp480n5 - ok
21:56:58.0187 2836 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:56:58.0187 2836 ACPI - ok
21:56:58.0218 2836 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
21:56:58.0218 2836 ACPIEC - ok
21:56:58.0328 2836 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:56:58.0343 2836 AdobeFlashPlayerUpdateSvc - ok
21:56:58.0359 2836 adpu160m - ok
21:56:58.0390 2836 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:56:58.0390 2836 aec - ok
21:56:58.0437 2836 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
21:56:58.0437 2836 AegisP - ok
21:56:58.0484 2836 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:56:58.0484 2836 AFD - ok
21:56:58.0500 2836 Aha154x - ok
21:56:58.0500 2836 aic78u2 - ok
21:56:58.0515 2836 aic78xx - ok
21:56:58.0546 2836 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:56:58.0546 2836 Alerter - ok
21:56:58.0578 2836 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
21:56:58.0578 2836 ALG - ok
21:56:58.0578 2836 AliIde - ok
21:56:58.0578 2836 amsint - ok
21:56:58.0625 2836 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
21:56:58.0640 2836 AppMgmt - ok
21:56:58.0656 2836 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:56:58.0671 2836 Arp1394 - ok
21:56:58.0671 2836 asc - ok
21:56:58.0671 2836 asc3350p - ok
21:56:58.0687 2836 asc3550 - ok
21:56:58.0781 2836 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:56:58.0781 2836 aspnet_state - ok
21:56:58.0796 2836 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:56:58.0796 2836 AsyncMac - ok
21:56:58.0828 2836 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:56:58.0828 2836 atapi - ok
21:56:58.0843 2836 Atdisk - ok
21:56:58.0875 2836 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:56:58.0890 2836 Atmarpc - ok
21:56:58.0906 2836 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:56:58.0921 2836 AudioSrv - ok
21:56:58.0953 2836 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:56:58.0953 2836 audstub - ok
21:56:59.0312 2836 [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
21:56:59.0468 2836 AVGIDSAgent - ok
21:56:59.0515 2836 [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
21:56:59.0515 2836 AVGIDSDriver - ok
21:56:59.0531 2836 [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
21:56:59.0531 2836 AVGIDSHX - ok
21:56:59.0531 2836 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
21:56:59.0546 2836 AVGIDSShim - ok
21:56:59.0593 2836 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
21:56:59.0609 2836 Avgldx86 - ok
21:56:59.0609 2836 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\WINDOWS\system32\DRIVERS\avglogx.sys
21:56:59.0625 2836 Avglogx - ok
21:56:59.0640 2836 [ 6C7C00B8DD22B4343B47FED148387057 ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
21:56:59.0640 2836 Avgmfx86 - ok
21:56:59.0640 2836 [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
21:56:59.0656 2836 Avgrkx86 - ok
21:56:59.0671 2836 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
21:56:59.0671 2836 Avgtdix - ok
21:56:59.0718 2836 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
21:56:59.0718 2836 avgwd - ok
21:56:59.0781 2836 [ CD4646067CC7DCBA1907FA0ACF7E3966 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
21:56:59.0781 2836 bcm4sbxp - ok
21:56:59.0828 2836 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:56:59.0828 2836 Beep - ok
21:56:59.0890 2836 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
21:56:59.0906 2836 BITS - ok
21:56:59.0953 2836 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
21:56:59.0953 2836 Browser - ok
21:57:00.0062 2836 catchme - ok
21:57:00.0093 2836 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:57:00.0109 2836 cbidf2k - ok
21:57:00.0109 2836 cd20xrnt - ok
21:57:00.0109 2836 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:57:00.0125 2836 Cdaudio - ok
21:57:00.0125 2836 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:57:00.0125 2836 Cdfs - ok
21:57:00.0171 2836 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:57:00.0171 2836 Cdrom - ok
21:57:00.0187 2836 Changer - ok
21:57:00.0203 2836 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:57:00.0203 2836 CiSvc - ok
21:57:00.0218 2836 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:57:00.0218 2836 ClipSrv - ok
21:57:00.0265 2836 [ 7FA87325900183197BC9710D1CE4C9FA ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:57:00.0265 2836 clr_optimization_v2.0.50727_32 - ok
21:57:00.0296 2836 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:57:00.0296 2836 CmBatt - ok
21:57:00.0296 2836 CmdIde - ok
21:57:00.0312 2836 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:57:00.0312 2836 Compbatt - ok
21:57:00.0328 2836 COMSysApp - ok
21:57:00.0343 2836 Cpqarray - ok
21:57:00.0453 2836 cpuz135 - ok
21:57:00.0468 2836 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:57:00.0484 2836 CryptSvc - ok
21:57:00.0484 2836 dac2w2k - ok
21:57:00.0484 2836 dac960nt - ok
21:57:00.0546 2836 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:57:00.0562 2836 DcomLaunch - ok
21:57:00.0609 2836 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:57:00.0609 2836 Dhcp - ok
21:57:00.0625 2836 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:57:00.0625 2836 Disk - ok
21:57:00.0640 2836 dmadmin - ok
21:57:00.0703 2836 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:57:00.0718 2836 dmboot - ok
21:57:00.0734 2836 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:57:00.0750 2836 dmio - ok
21:57:00.0796 2836 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:57:00.0843 2836 dmload - ok
21:57:00.0906 2836 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:57:00.0921 2836 dmserver - ok
21:57:01.0000 2836 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:57:01.0031 2836 DMusic - ok
21:57:01.0078 2836 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:57:01.0078 2836 Dnscache - ok
21:57:01.0109 2836 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:57:01.0109 2836 Dot3svc - ok
21:57:01.0109 2836 dpti2o - ok
21:57:01.0125 2836 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:57:01.0125 2836 drmkaud - ok
21:57:01.0140 2836 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:57:01.0140 2836 EapHost - ok
21:57:01.0140 2836 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:57:01.0140 2836 ERSvc - ok
21:57:01.0171 2836 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
21:57:01.0171 2836 Eventlog - ok
21:57:01.0218 2836 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
21:57:01.0218 2836 EventSystem - ok
21:57:01.0312 2836 [ F10E7AA8BDF4488E3DFA989B8E7F7C9F ] EvtEng C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
21:57:01.0343 2836 EvtEng - ok
21:57:01.0375 2836 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:57:01.0390 2836 Fastfat - ok
21:57:01.0468 2836 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:57:01.0484 2836 FastUserSwitchingCompatibility - ok
21:57:01.0500 2836 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
21:57:01.0500 2836 Fdc - ok
21:57:01.0546 2836 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:57:01.0546 2836 Fips - ok
21:57:01.0562 2836 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
21:57:01.0562 2836 Flpydisk - ok
21:57:01.0593 2836 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:57:01.0609 2836 FltMgr - ok
21:57:01.0640 2836 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:57:01.0656 2836 FontCache3.0.0.0 - ok
21:57:01.0656 2836 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:57:01.0656 2836 Fs_Rec - ok
21:57:01.0687 2836 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:57:01.0703 2836 Ftdisk - ok
21:57:01.0718 2836 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:57:01.0718 2836 Gpc - ok
21:57:01.0734 2836 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:57:01.0750 2836 HDAudBus - ok
21:57:01.0828 2836 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:57:01.0828 2836 helpsvc - ok
21:57:01.0828 2836 HidServ - ok
21:57:01.0875 2836 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:57:01.0875 2836 HidUsb - ok
21:57:01.0921 2836 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:57:01.0921 2836 hkmsvc - ok
21:57:01.0921 2836 hpn - ok
21:57:02.0015 2836 [ E8EC1767EA315A39A0DD8989952CA0E9 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
21:57:02.0031 2836 HSF_DPV - ok
21:57:02.0062 2836 [ 61478FA42EE04562E7F11F4DCA87E9C8 ] HSXHWAZL C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
21:57:02.0062 2836 HSXHWAZL - ok
21:57:02.0125 2836 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:57:02.0125 2836 HTTP - ok
21:57:02.0171 2836 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:57:02.0171 2836 HTTPFilter - ok
21:57:02.0187 2836 i2omgmt - ok
21:57:02.0187 2836 i2omp - ok
21:57:02.0234 2836 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:57:02.0234 2836 i8042prt - ok
21:57:02.0562 2836 [ E8C7CC369C2FB657E0792AF70DF529E6 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
21:57:02.0921 2836 ialm - ok
21:57:03.0015 2836 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:57:03.0046 2836 idsvc - ok
21:57:03.0062 2836 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:57:03.0062 2836 Imapi - ok
21:57:03.0109 2836 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
21:57:03.0125 2836 ImapiService - ok
21:57:03.0125 2836 ini910u - ok
21:57:03.0140 2836 IntelIde - ok
21:57:03.0171 2836 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:57:03.0187 2836 intelppm - ok
21:57:10.0281 2836 ================ Scan global ===============================
21:57:10.0312 2836 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:57:10.0375 2836 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:57:10.0390 2836 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:57:10.0421 2836 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:57:10.0437 2836 [Global] - ok
21:57:10.0437 2836 ================ Scan MBR ==================================
21:57:10.0453 2836 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:57:10.0687 2836 \Device\Harddisk0\DR0 - ok
21:57:10.0687 2836 ================ Scan VBR ==================================
21:57:10.0687 2836 [ 6C5ED7B7FD58C00DB1B6BCFF8C1944E5 ] \Device\Harddisk0\DR0\Partition1
21:57:10.0703 2836 \Device\Harddisk0\DR0\Partition1 - ok
21:57:10.0703 2836 ============================================================
21:57:10.0703 2836 Scan finished
21:57:10.0703 2836 ============================================================
21:57:10.0734 2356 Detected object count: 0
21:57:10.0734 2356 Actual detected object count: 0

Currently running the avast program you linked. It took quite a long time to download the definitions.

#10
pctrouble


    Member

  • Topic Starter
  • Member
  • 27 posts
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-02 21:59:04
-----------------------------
21:59:04.187 OS Version: Windows 5.1.2600 Service Pack 3
21:59:04.187 Number of processors: 2 586 0xE08
21:59:04.187 ComputerName: MOPAR UserName:
21:59:05.562 Initialize success
22:09:49.921 AVAST engine defs: 12120200
22:14:55.937 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:14:55.937 Disk 0 Vendor: Hitachi_HTS541060G9SA00 MB3OC60R Size: 55796MB BusType: 3
22:14:55.953 Disk 0 MBR read successfully
22:14:55.953 Disk 0 MBR scan
22:14:55.984 Disk 0 Windows XP default MBR code
22:14:55.984 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 55788 MB offset 63
22:14:55.984 Disk 0 scanning sectors +114254280
22:14:56.140 Disk 0 scanning C:\WINDOWS\system32\drivers
22:15:12.140 Service scanning
22:15:32.484 Modules scanning
22:15:41.359 Disk 0 trace - called modules:
22:15:41.359
22:15:42.562 AVAST engine scan C:\WINDOWS
22:16:09.765 AVAST engine scan C:\WINDOWS\system32
22:21:45.250 AVAST engine scan C:\WINDOWS\system32\drivers
22:22:18.187 AVAST engine scan C:\Documents and Settings\Nick Slocumb
22:31:05.140 AVAST engine scan C:\Documents and Settings\All Users
22:31:48.031 Scan finished successfully
22:33:01.203 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Nick Slocumb\Desktop\MBR.dat"
22:33:01.234 The log file has been saved successfully to "C:\Documents and Settings\Nick Slocumb\Desktop\aswMBR.txt"


#11
gringo_pr


    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

In your next post I need the following:

  • Report from ComboFix
  • Let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#12
pctrouble


    Member

  • Topic Starter
  • Member
  • 27 posts
ComboFix 12-12-02.01 - Nick Slocumb 12/02/2012 23:01:27.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.455 [GMT -5:00]
Running from: c:\documents and settings\Nick Slocumb\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Nick Slocumb\Desktop\cfscript.txt
AV: AVG Anti-Virus 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-03 to 2012-12-03 )))))))))))))))))))))))))))))))
.
.
2012-12-03 02:23 . 2012-12-03 02:23 -------- d-----w- c:\program files\Common Files\Java
2012-12-03 02:23 . 2012-12-03 02:22 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-02 23:07 . 2012-12-02 23:07 -------- d-----w- c:\documents and settings\Nick Slocumb\Application Data\AVG2013
2012-12-02 23:07 . 2012-12-02 23:07 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013
2012-12-02 23:06 . 2012-12-02 23:06 -------- d-----w- c:\documents and settings\Nick Slocumb\Application Data\TuneUp Software
2012-12-02 23:05 . 2012-12-02 23:07 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2013
2012-12-02 23:05 . 2012-12-02 23:05 -------- d-----w- C:\$AVG
2012-12-02 23:04 . 2012-12-02 23:04 -------- d-----w- c:\program files\AVG
2012-12-02 22:58 . 2012-12-02 22:58 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2012-12-02 22:58 . 2012-12-03 03:19 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2012-12-02 22:58 . 2012-12-02 22:58 -------- d-----w- c:\documents and settings\Nick Slocumb\Local Settings\Application Data\MFAData
2012-12-02 22:58 . 2012-12-02 22:58 -------- d-----w- c:\documents and settings\Nick Slocumb\Local Settings\Application Data\Avg2013
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-03 02:22 . 2012-10-18 11:33 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-12-03 02:22 . 2012-10-18 11:33 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-12-03 02:22 . 2011-09-28 16:16 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-22 18:02 . 2012-10-22 18:02 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-10-22 08:37 . 2004-08-04 03:17 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-15 08:48 . 2012-10-15 08:48 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-10-09 17:22 . 2012-07-17 16:26 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 17:22 . 2011-10-09 01:16 73656 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-05 08:32 . 2012-10-05 08:32 93536 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-10-02 18:04 . 2004-08-04 04:56 58368 ----a-w- c:\windows\system32\synceng.dll
2012-10-02 08:30 . 2012-10-02 08:30 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-09-29 23:54 . 2012-06-24 01:11 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-21 08:46 . 2012-09-21 08:46 164832 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-09-21 08:46 . 2012-09-21 08:46 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys
2012-09-21 08:45 . 2012-09-21 08:45 19936 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2012-09-14 08:05 . 2012-09-14 08:05 35552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-03-31 138008]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-03-30 138008]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 995328]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 1101824]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-03-31 162584]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-07 3143800]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Documents and Settings^Nick Slocumb^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Nick Slocumb\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 23:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2012-01-04 07:47 6497592 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Documents and Settings\\Nick Slocumb\\My Documents\\Downloads\\solutoinstaller-Sg8z5F0Aij_u55554387.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [10/15/2012 3:48 AM 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [9/21/2012 3:46 AM 177376]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/14/2012 3:05 AM 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [10/22/2012 1:02 PM 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [9/21/2012 3:45 AM 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/2/2012 3:30 AM 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [9/21/2012 3:46 AM 164832]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [10/22/2012 1:05 PM 196664]
R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [12/6/2011 4:00 PM 214896]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [11/6/2012 7:00 PM 5814392]
S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 73064708
*NewlyCreated* - ASWMBR
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
*Deregistered* - 73064708
*Deregistered* - aswMBR
*Deregistered* - TrueSight
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-17 17:22]
.
2012-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-484763869-839522115-1003Core.job
- c:\documents and settings\Nick Slocumb\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-20 12:01]
.
2012-12-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-484763869-839522115-1003UA.job
- c:\documents and settings\Nick Slocumb\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-20 12:01]
.
2012-10-22 c:\windows\Tasks\MotoHelper MUM.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2012-11-29 c:\windows\Tasks\MotoHelper Routing.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2012-10-22 c:\windows\Tasks\MotoHelper Update.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-02 23:07
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1112)
c:\windows\system32\netprovcredman.dll
.
- - - - - - - > 'explorer.exe'(2932)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\netprovcredman.dll
.
Completion time: 2012-12-02 23:10:36
ComboFix-quarantined-files.txt 2012-12-03 04:10
ComboFix2.txt 2012-12-03 02:45
.
Pre-Run: 38,958,919,680 bytes free
Post-Run: 39,103,148,032 bytes free
.
- - End Of File - - 0FD4F8D315A5566EDBA718044910A2CC

#13
pctrouble

    Member

  • Topic Starter
  • Member
  • 27 posts
The computer seemed to be running faster prior to running this last ComboFix. No issues running combofix.

#14
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I would like to see a report that combofix makes.

extra combofix report

  • push the "Windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo

#15
pctrouble

    Member

  • Topic Starter
  • Member
  • 27 posts
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI
Adobe Shockwave Player 11.6
AVG 2013
Broadcom 440x 10/100 Integrated Controller
Canon MP280 series MP Drivers
CCleaner
Conexant HDA D110 MDC V.92 Modem
Google Chrome
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
hp deskjet 5550 series
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless Software
Java 7 Update 9
Java Auto Updater
Java™ 6 Update 37
Magic Set Editor 2.0.0
Malwarebytes Anti-Malware version 1.65.1.1000
mCore
mDriver
mDrWiFi
mHlpDell
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework Client Profile
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
mIWA
mLogView
mMHouse
MotoHelper 2.1.32 Driver 5.4.0
MotoHelper MergeModules
Motorola Mobile Drivers Installation 5.4.0
mPfMgr
mPfWiz
mProSafe
mSCfg
mSSO
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
mWlsSafe
mWMI
mZConfig
Paint.NET v3.5.10
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SigmaTel Audio
StarParts Training
swMSM
Synaptics Pointing Device Driver
System Requirements Lab Test
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
Yahoo! Messenger