iPhone popup ad


7 replies to this topic

#1 cms_matt


Posted 23 July 2012 - 09:24 AM

I have been getting an iPhone popup ad in the bottom right corner of my screen and have also been suffering redirects. I have run my scans with my updated antivirus program and have run malware and spyware cleaners, and the problem persists. Based on other posts, I have seen it requested to post logs from aswMBR, TDSSKiller & MiniToolBox. I will include these reports here. Please let me know if you require anything else from me. Any help would be greatly appreciated. Thanks!

aswMBR Report

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-22 21:23:15
-----------------------------
21:23:15.606 OS Version: Windows x64 6.0.6002 Service Pack 2
21:23:15.607 Number of processors: 2 586 0x170A
21:23:15.608 ComputerName: HOME-PC UserName:
21:23:17.919 Initialize success
21:30:27.372 AVAST engine defs: 12072201
21:30:55.631 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1
21:30:55.634 Disk 0 Vendor: FUJITSU_MHZ2320BH_G2 8909 Size: 305245MB BusType: 3
21:30:55.673 Disk 0 MBR read successfully
21:30:55.676 Disk 0 MBR scan
21:30:55.691 Disk 0 unknown MBR code
21:30:55.698 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 292472 MB offset 2048
21:30:55.755 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 12769 MB offset 598984704
21:30:55.806 Disk 0 scanning C:\Windows\system32\drivers
21:31:17.664 Service scanning
21:32:13.897 Modules scanning
21:32:13.909 Disk 0 trace - called modules:
21:32:13.953 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys acpi.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:32:13.960 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80050f0060]
21:32:14.312 3 CLASSPNP.SYS[fffffa6000a44c33] -> nt!IofCallDriver -> [0xfffffa80050ef040]
21:32:14.320 5 hpdskflt.sys[fffffa6001cac0ee] -> nt!IofCallDriver -> [0xfffffa8004c1a520]
21:32:14.329 7 acpi.sys[fffffa60008fefde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-1[0xfffffa8004c17060]
21:32:16.312 AVAST engine scan C:\Windows
21:32:42.285 AVAST engine scan C:\Windows\system32
21:43:26.380 AVAST engine scan C:\Windows\system32\drivers
21:44:39.804 AVAST engine scan C:\Users\Administrator
21:46:36.237 AVAST engine scan C:\ProgramData
21:58:03.122 Scan finished successfully
21:58:54.591 Disk 0 MBR has been saved successfully to "C:\Users\Administrator\Desktop\MBR.dat"
21:58:54.618 The log file has been saved successfully to "C:\Users\Administrator\Desktop\aswMBR Report.txt"


TDSSKiller Report

21:19:50.0188 4020 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
21:19:50.0727 4020 ============================================================
21:19:50.0727 4020 Current date / time: 2012/07/22 21:19:50.0727
21:19:50.0727 4020 SystemInfo:
21:19:50.0727 4020
21:19:50.0727 4020 OS Version: 6.0.6002 ServicePack: 2.0
21:19:50.0727 4020 Product type: Workstation
21:19:50.0727 4020 ComputerName: HOME-PC
21:19:50.0728 4020 UserName: Administrator
21:19:50.0728 4020 Windows directory: C:\Windows
21:19:50.0728 4020 System windows directory: C:\Windows
21:19:50.0728 4020 Running under WOW64
21:19:50.0728 4020 Processor architecture: Intel x64
21:19:50.0728 4020 Number of processors: 2
21:19:50.0728 4020 Page size: 0x1000
21:19:50.0728 4020 Boot type: Normal boot
21:19:50.0728 4020 ============================================================
21:19:52.0952 4020 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:19:52.0964 4020 ============================================================
21:19:52.0964 4020 \Device\Harddisk0\DR0:
21:19:52.0966 4020 MBR partitions:
21:19:52.0966 4020 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23B3C000
21:19:52.0966 4020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23B3C800, BlocksNum 0x18F0800
21:19:52.0966 4020 ============================================================
21:19:52.0994 4020 C: <-> \Device\Harddisk0\DR0\Partition0
21:19:53.0042 4020 D: <-> \Device\Harddisk0\DR0\Partition1
21:19:53.0043 4020 ============================================================
21:19:53.0043 4020 Initialize success
21:19:53.0043 4020 ============================================================
21:21:04.0384 5504 ============================================================
21:21:04.0384 5504 Scan started
21:21:04.0384 5504 Mode: Manual; TDLFS;
21:21:04.0384 5504 ============================================================
21:21:17.0450 5504 NDIS - ok
21:21:17.0476 5504 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
21:21:17.0479 5504 NdisTapi - ok
21:21:17.0487 5504 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
21:21:17.0488 5504 Ndisuio - ok
21:21:17.0540 5504 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
21:21:17.0543 5504 NdisWan - ok
21:21:17.0569 5504 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
21:21:17.0572 5504 NDProxy - ok
21:21:17.0635 5504 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
21:21:17.0637 5504 NetBIOS - ok
21:21:17.0682 5504 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
21:21:17.0685 5504 netbt - ok
21:21:17.0740 5504 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
21:21:17.0742 5504 Netlogon - ok
21:21:17.0794 5504 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
21:21:17.0809 5504 Netman - ok
21:21:17.0846 5504 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
21:21:17.0851 5504 netprofm - ok
21:21:17.0917 5504 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:21:17.0926 5504 NetTcpPortSharing - ok
21:21:18.0187 5504 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys
21:21:18.0217 5504 NETw3v64 - ok
21:21:18.0324 5504 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
21:21:18.0326 5504 nfrd960 - ok
21:21:18.0368 5504 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
21:21:18.0375 5504 NlaSvc - ok
21:21:18.0405 5504 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
21:21:18.0407 5504 Npfs - ok
21:21:18.0430 5504 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
21:21:18.0433 5504 nsi - ok
21:21:18.0465 5504 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
21:21:18.0466 5504 nsiproxy - ok
21:21:18.0613 5504 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
21:21:18.0673 5504 Ntfs - ok
21:21:18.0771 5504 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
21:21:18.0772 5504 Null - ok
21:21:18.0795 5504 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
21:21:18.0797 5504 nvraid - ok
21:21:18.0818 5504 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
21:21:18.0819 5504 nvstor - ok
21:21:18.0849 5504 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
21:21:18.0852 5504 nv_agp - ok
21:21:18.0859 5504 NwlnkFlt - ok
21:21:18.0872 5504 NwlnkFwd - ok
21:21:18.0996 5504 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:21:19.0011 5504 odserv - ok
21:21:19.0032 5504 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
21:21:19.0034 5504 ohci1394 - ok
21:21:19.0077 5504 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:21:19.0169 5504 ose - ok
21:21:19.0276 5504 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:21:19.0286 5504 p2pimsvc - ok
21:21:19.0301 5504 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:21:19.0311 5504 p2psvc - ok
21:21:19.0351 5504 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
21:21:19.0353 5504 Parport - ok
21:21:19.0383 5504 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
21:21:19.0385 5504 partmgr - ok
21:21:19.0412 5504 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
21:21:19.0419 5504 PcaSvc - ok
21:21:19.0467 5504 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
21:21:19.0471 5504 pci - ok
21:21:19.0497 5504 pciide (15e5c3f89a3452efbda3b39816dbc4ee) C:\Windows\system32\drivers\pciide.sys
21:21:19.0499 5504 pciide - ok
21:21:19.0531 5504 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
21:21:19.0535 5504 pcmcia - ok
21:21:19.0618 5504 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
21:21:19.0640 5504 PEAUTH - ok
21:21:19.0722 5504 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
21:21:19.0724 5504 PerfHost - ok
21:21:19.0878 5504 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
21:21:19.0894 5504 pla - ok
21:21:19.0948 5504 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
21:21:19.0954 5504 PlugPlay - ok
21:21:20.0056 5504 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:21:20.0066 5504 PNRPAutoReg - ok
21:21:20.0087 5504 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:21:20.0100 5504 PNRPsvc - ok
21:21:20.0221 5504 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
21:21:20.0228 5504 PolicyAgent - ok
21:21:20.0303 5504 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
21:21:20.0306 5504 PptpMiniport - ok
21:21:20.0335 5504 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
21:21:20.0337 5504 Processor - ok
21:21:20.0369 5504 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
21:21:20.0375 5504 ProfSvc - ok
21:21:20.0412 5504 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
21:21:20.0414 5504 ProtectedStorage - ok
21:21:20.0462 5504 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
21:21:20.0464 5504 PSched - ok
21:21:20.0567 5504 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
21:21:20.0579 5504 ql2300 - ok
21:21:20.0625 5504 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
21:21:20.0628 5504 ql40xx - ok
21:21:20.0686 5504 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
21:21:20.0692 5504 QWAVE - ok
21:21:20.0710 5504 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
21:21:20.0711 5504 QWAVEdrv - ok
21:21:20.0727 5504 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
21:21:20.0728 5504 RasAcd - ok
21:21:20.0750 5504 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
21:21:20.0754 5504 RasAuto - ok
21:21:20.0816 5504 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:21:20.0818 5504 Rasl2tp - ok
21:21:20.0855 5504 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
21:21:20.0872 5504 RasMan - ok
21:21:20.0903 5504 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
21:21:20.0905 5504 RasPppoe - ok
21:21:20.0947 5504 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
21:21:20.0949 5504 RasSstp - ok
21:21:21.0004 5504 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
21:21:21.0009 5504 rdbss - ok
21:21:21.0028 5504 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:21:21.0029 5504 RDPCDD - ok
21:21:21.0095 5504 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
21:21:21.0098 5504 rdpdr - ok
21:21:21.0107 5504 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
21:21:21.0108 5504 RDPENCDD - ok
21:21:21.0167 5504 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
21:21:21.0170 5504 RDPWD - ok
21:21:21.0267 5504 Recovery Service for Windows (0d362785bef9bdf5a6e1f4628d06716d) C:\Program Files (x86)\SMINST\BLService.exe
21:21:21.0271 5504 Recovery Service for Windows - ok
21:21:21.0325 5504 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
21:21:21.0335 5504 RemoteAccess - ok
21:21:21.0375 5504 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
21:21:21.0380 5504 RemoteRegistry - ok
21:21:21.0425 5504 RFCOMM (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys
21:21:21.0428 5504 RFCOMM - ok
21:21:21.0498 5504 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:21:21.0501 5504 RichVideo - ok
21:21:21.0537 5504 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
21:21:21.0539 5504 RpcLocator - ok
21:21:21.0628 5504 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
21:21:21.0637 5504 RpcSs - ok
21:21:21.0669 5504 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
21:21:21.0671 5504 rspndr - ok
21:21:21.0713 5504 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys
21:21:21.0715 5504 RTL8169 - ok
21:21:21.0743 5504 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS
21:21:21.0745 5504 RTSTOR - ok
21:21:21.0779 5504 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
21:21:21.0781 5504 SamSs - ok
21:21:21.0826 5504 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
21:21:21.0828 5504 sbp2port - ok
21:21:21.0868 5504 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
21:21:21.0873 5504 SCardSvr - ok
21:21:21.0975 5504 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
21:21:21.0986 5504 Schedule - ok
21:21:22.0011 5504 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
21:21:22.0013 5504 SCPolicySvc - ok
21:21:22.0046 5504 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
21:21:22.0048 5504 sdbus - ok
21:21:22.0088 5504 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
21:21:22.0092 5504 SDRSVC - ok
21:21:22.0252 5504 SDScannerService (43d29ecb8137eeae30b0970bbc7a5500) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
21:21:22.0264 5504 SDScannerService - ok
21:21:22.0392 5504 SDUpdateService (6b859b122e85c2c833e6d8c5dc4b07f3) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:21:22.0406 5504 SDUpdateService - ok
21:21:22.0456 5504 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:21:22.0459 5504 SDWSCService - ok
21:21:22.0590 5504 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:21:22.0592 5504 secdrv - ok
21:21:22.0629 5504 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
21:21:22.0633 5504 seclogon - ok
21:21:22.0669 5504 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
21:21:22.0673 5504 SENS - ok
21:21:22.0745 5504 SepMasterService (74885bdff62e537f268ebf8e8cec24bb) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
21:21:22.0748 5504 SepMasterService - ok
21:21:22.0800 5504 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
21:21:22.0801 5504 Serenum - ok
21:21:22.0831 5504 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
21:21:22.0833 5504 Serial - ok
21:21:22.0857 5504 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
21:21:22.0858 5504 sermouse - ok
21:21:22.0910 5504 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
21:21:22.0915 5504 SessionEnv - ok
21:21:22.0940 5504 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
21:21:22.0942 5504 sffdisk - ok
21:21:22.0973 5504 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
21:21:22.0974 5504 sffp_mmc - ok
21:21:22.0992 5504 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
21:21:22.0994 5504 sffp_sd - ok
21:21:23.0038 5504 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
21:21:23.0040 5504 sfloppy - ok
21:21:23.0102 5504 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
21:21:23.0126 5504 SharedAccess - ok
21:21:23.0220 5504 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
21:21:23.0225 5504 ShellHWDetection - ok
21:21:23.0284 5504 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
21:21:23.0286 5504 SiSRaid2 - ok
21:21:23.0336 5504 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
21:21:23.0339 5504 SiSRaid4 - ok
21:21:23.0553 5504 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
21:21:23.0581 5504 slsvc - ok
21:21:23.0695 5504 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
21:21:23.0699 5504 SLUINotify - ok
21:21:23.0765 5504 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
21:21:23.0767 5504 Smb - ok
21:21:24.0009 5504 SmcService (b8ef6f1fafbe89e24e152907605e7a25) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe
21:21:24.0058 5504 SmcService - ok
21:21:24.0116 5504 SNAC (89733dcc3817455fbc3ab4a3c19ee765) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe
21:21:24.0122 5504 SNAC - ok
21:21:24.0256 5504 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
21:21:24.0260 5504 SNMPTRAP - ok
21:21:24.0325 5504 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
21:21:24.0326 5504 spldr - ok
21:21:24.0380 5504 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
21:21:24.0385 5504 Spooler - ok
21:21:24.0484 5504 SRTSP (48fd53fed3c81726001e438a2201e9ff) C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSP64.SYS
21:21:24.0491 5504 SRTSP - ok
21:21:24.0527 5504 SRTSPX (63199a936d9bdea578dfb8f5e9a40095) C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSPX64.SYS
21:21:24.0612 5504 SRTSPX - ok
21:21:24.0675 5504 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
21:21:24.0679 5504 srv - ok
21:21:24.0724 5504 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
21:21:24.0727 5504 srv2 - ok
21:21:24.0761 5504 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
21:21:24.0765 5504 srvnet - ok
21:21:24.0799 5504 sscebus (f74634f46692c8315e7f37f698af3225) C:\Windows\system32\DRIVERS\sscebus.sys
21:21:24.0803 5504 sscebus - ok
21:21:24.0836 5504 sscemdfl (82732b391efd69b0548044be9cb37bfc) C:\Windows\system32\DRIVERS\sscemdfl.sys
21:21:24.0838 5504 sscemdfl - ok
21:21:24.0871 5504 sscemdm (43d56ace4469d90f9790e8352d87d9b5) C:\Windows\system32\DRIVERS\sscemdm.sys
21:21:24.0875 5504 sscemdm - ok
21:21:24.0956 5504 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
21:21:24.0963 5504 SSDPSRV - ok
21:21:24.0988 5504 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
21:21:24.0996 5504 SstpSvc - ok
21:21:25.0104 5504 STacSV (a400c503b256cd7c8289b2a943370415) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_1e90062d\STacSV64.exe
21:21:25.0107 5504 STacSV - ok
21:21:25.0170 5504 STHDA (0c2bf91cdc0575f5713a4d2d5118bc06) C:\Windows\system32\DRIVERS\stwrt64.sys
21:21:25.0190 5504 STHDA - ok
21:21:25.0278 5504 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
21:21:25.0287 5504 stisvc - ok
21:21:25.0319 5504 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
21:21:25.0320 5504 swenum - ok
21:21:25.0393 5504 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
21:21:25.0417 5504 swprv - ok
21:21:25.0513 5504 SyDvCtrl (c6ee00b4ca36cc1e48a323a75e5881ce) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\SyDvCtrl64.sys
21:21:25.0514 5504 SyDvCtrl - ok
21:21:25.0548 5504 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
21:21:25.0555 5504 Symc8xx - ok
21:21:25.0619 5504 SymDS (f017987b177f7bbc989318d59309d091) C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMDS64.SYS
21:21:25.0729 5504 SymDS - ok
21:21:25.0814 5504 SymEFA (e7f25d768ee0cdf69d8b752398c262bb) C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMEFA64.SYS
21:21:25.0945 5504 SymEFA - ok
21:21:25.0979 5504 SymEvent (36b77f5c9e21f88a8c8ec67ad5415819) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
21:21:25.0981 5504 SymEvent - ok
21:21:26.0044 5504 SymIRON (1611fa7a95a48387df22757fa81b46a9) C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\Ironx64.SYS
21:21:26.0130 5504 SymIRON - ok
21:21:26.0177 5504 SYMTDIV (5d705fb09a9f0edd42a8a6a75e5edfee) C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMTDIV.SYS
21:21:26.0283 5504 SYMTDIV - ok
21:21:26.0312 5504 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
21:21:26.0313 5504 Sym_hi - ok
21:21:26.0340 5504 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
21:21:26.0341 5504 Sym_u3 - ok
21:21:26.0398 5504 SynTP (5790d18b440fb13583308bfae5f13fea) C:\Windows\system32\DRIVERS\SynTP.sys
21:21:26.0402 5504 SynTP - ok
21:21:26.0508 5504 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
21:21:26.0533 5504 SysMain - ok
21:21:26.0579 5504 SysPlant (3beab2de5688f3635a8ecd7c75562f43) C:\Windows\system32\Drivers\SysPlant.sys
21:21:26.0654 5504 SysPlant - ok
21:21:26.0698 5504 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
21:21:26.0702 5504 TabletInputService - ok
21:21:26.0761 5504 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
21:21:26.0784 5504 TapiSrv - ok
21:21:26.0803 5504 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
21:21:26.0807 5504 TBS - ok
21:21:26.0952 5504 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys
21:21:26.0973 5504 Tcpip - ok
21:21:27.0194 5504 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys
21:21:27.0208 5504 Tcpip6 - ok
21:21:27.0312 5504 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
21:21:27.0314 5504 tcpipreg - ok
21:21:27.0353 5504 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
21:21:27.0354 5504 TDPIPE - ok
21:21:27.0380 5504 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
21:21:27.0382 5504 TDTCP - ok
21:21:27.0426 5504 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
21:21:27.0427 5504 tdx - ok
21:21:27.0460 5504 Teefer2 (7dd4f26f73efe8e0817e18d1d1b9b18a) C:\Windows\system32\DRIVERS\Teefer.sys
21:21:27.0462 5504 Teefer2 - ok
21:21:27.0493 5504 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
21:21:27.0495 5504 TermDD - ok
21:21:27.0573 5504 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
21:21:27.0591 5504 TermService - ok
21:21:27.0628 5504 TFsExDisk (48d9d00c2e0e72c3d4f52772c80355f6) C:\Windows\System32\Drivers\TFsExDisk.sys
21:21:27.0630 5504 TFsExDisk - ok
21:21:27.0687 5504 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
21:21:27.0700 5504 Themes - ok
21:21:27.0737 5504 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
21:21:27.0739 5504 THREADORDER - ok
21:21:27.0787 5504 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
21:21:27.0791 5504 TrkWks - ok
21:21:27.0843 5504 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
21:21:27.0844 5504 TrustedInstaller - ok
21:21:27.0886 5504 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:21:27.0887 5504 tssecsrv - ok
21:21:27.0910 5504 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
21:21:27.0912 5504 tunmp - ok
21:21:27.0950 5504 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
21:21:27.0951 5504 tunnel - ok
21:21:28.0081 5504 TVCapSvc (4bc24ad1af866eb21c09d837a8a017e7) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
21:21:28.0086 5504 TVCapSvc - ok
21:21:28.0117 5504 TVSched (56196a4fd34a9985ab93531dcdc07dcb) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
21:21:28.0119 5504 TVSched - ok
21:21:28.0152 5504 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
21:21:28.0154 5504 uagp35 - ok
21:21:28.0219 5504 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
21:21:28.0246 5504 udfs - ok
21:21:28.0295 5504 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
21:21:28.0299 5504 UI0Detect - ok
21:21:28.0333 5504 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
21:21:28.0335 5504 uliagpkx - ok
21:21:28.0406 5504 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
21:21:28.0410 5504 uliahci - ok
21:21:28.0438 5504 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
21:21:28.0442 5504 UlSata - ok
21:21:28.0468 5504 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
21:21:28.0472 5504 ulsata2 - ok
21:21:28.0494 5504 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
21:21:28.0495 5504 umbus - ok
21:21:28.0545 5504 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
21:21:28.0551 5504 upnphost - ok
21:21:28.0601 5504 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
21:21:28.0604 5504 usbccgp - ok
21:21:28.0640 5504 USBCCID (f8e1cb9b8da037219953190cd2aca358) C:\Windows\system32\DRIVERS\usbccid.sys
21:21:28.0642 5504 USBCCID - ok
21:21:28.0681 5504 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
21:21:28.0683 5504 usbcir - ok
21:21:28.0728 5504 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
21:21:28.0730 5504 usbehci - ok
21:21:28.0765 5504 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
21:21:28.0771 5504 usbhub - ok
21:21:28.0802 5504 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
21:21:28.0804 5504 usbohci - ok
21:21:28.0841 5504 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
21:21:28.0842 5504 usbprint - ok
21:21:28.0880 5504 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:21:28.0883 5504 USBSTOR - ok
21:21:28.0899 5504 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
21:21:28.0901 5504 usbuhci - ok
21:21:28.0935 5504 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
21:21:28.0938 5504 usbvideo - ok
21:21:28.0968 5504 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
21:21:28.0972 5504 UxSms - ok
21:21:29.0039 5504 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
21:21:29.0054 5504 vds - ok
21:21:29.0078 5504 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
21:21:29.0080 5504 vga - ok
21:21:29.0098 5504 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
21:21:29.0099 5504 VgaSave - ok
21:21:29.0132 5504 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
21:21:29.0134 5504 viaide - ok
21:21:29.0178 5504 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
21:21:29.0180 5504 volmgr - ok
21:21:29.0236 5504 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
21:21:29.0246 5504 volmgrx - ok
21:21:29.0424 5504 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
21:21:29.0427 5504 volsnap - ok
21:21:29.0471 5504 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
21:21:29.0474 5504 vsmraid - ok
21:21:29.0612 5504 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
21:21:29.0640 5504 VSS - ok
21:21:29.0786 5504 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
21:21:29.0792 5504 W32Time - ok
21:21:29.0869 5504 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
21:21:29.0870 5504 WacomPen - ok
21:21:29.0914 5504 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:21:29.0916 5504 Wanarp - ok
21:21:29.0924 5504 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:21:29.0927 5504 Wanarpv6 - ok
21:21:29.0995 5504 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
21:21:30.0008 5504 wcncsvc - ok
21:21:30.0042 5504 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
21:21:30.0047 5504 WcsPlugInService - ok
21:21:30.0077 5504 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
21:21:30.0084 5504 Wd - ok
21:21:30.0163 5504 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
21:21:30.0183 5504 Wdf01000 - ok
21:21:30.0224 5504 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
21:21:30.0229 5504 WdiServiceHost - ok
21:21:30.0238 5504 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
21:21:30.0242 5504 WdiSystemHost - ok
21:21:30.0287 5504 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
21:21:30.0292 5504 WebClient - ok
21:21:30.0346 5504 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
21:21:30.0351 5504 Wecsvc - ok
21:21:30.0378 5504 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
21:21:30.0383 5504 wercplsupport - ok
21:21:30.0410 5504 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
21:21:30.0415 5504 WerSvc - ok
21:21:30.0442 5504 WinDefend - ok
21:21:30.0458 5504 WinHttpAutoProxySvc - ok
21:21:30.0523 5504 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
21:21:30.0525 5504 Winmgmt - ok
21:21:30.0705 5504 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
21:21:30.0767 5504 WinRM - ok
21:21:30.0979 5504 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
21:21:31.0005 5504 Wlansvc - ok
21:21:31.0063 5504 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:21:31.0065 5504 WmiAcpi - ok
21:21:31.0137 5504 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
21:21:31.0140 5504 wmiApSrv - ok
21:21:31.0185 5504 WMPNetworkSvc - ok
21:21:31.0236 5504 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
21:21:31.0242 5504 WPCSvc - ok
21:21:31.0284 5504 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
21:21:31.0291 5504 WPDBusEnum - ok
21:21:31.0330 5504 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
21:21:31.0332 5504 WpdUsb - ok
21:21:31.0497 5504 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:21:31.0614 5504 WPFFontCache_v0400 - ok
21:21:31.0651 5504 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
21:21:31.0652 5504 ws2ifsl - ok
21:21:31.0683 5504 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\system32\wscsvc.dll
21:21:31.0687 5504 wscsvc - ok
21:21:31.0697 5504 WSearch - ok
21:21:31.0907 5504 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
21:21:31.0976 5504 wuauserv - ok
21:21:32.0113 5504 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:21:32.0115 5504 WUDFRd - ok
21:21:32.0144 5504 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
21:21:32.0148 5504 wudfsvc - ok
21:21:32.0281 5504 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
21:21:32.0287 5504 YahooAUService - ok
21:21:32.0334 5504 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
21:21:32.0338 5504 yukonx64 - ok
21:21:32.0409 5504 {55662437-DA8C-40c0-AADA-2C816A897A49} (15cc7077d2dc28776cd430ecabbffd66) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
21:21:32.0413 5504 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
21:21:32.0437 5504 MBR (0x1B8) (5c86adec17b739c437e145e3b3fc2e6d) \Device\Harddisk0\DR0
21:21:32.0650 5504 \Device\Harddisk0\DR0 - ok
21:21:32.0655 5504 Boot (0x1200) (245ff49ce7d2551e29ac4bc437d6c76a) \Device\Harddisk0\DR0\Partition0
21:21:32.0657 5504 \Device\Harddisk0\DR0\Partition0 - ok
21:21:32.0663 5504 Boot (0x1200) (c72221536f498c7140c22880616a69ca) \Device\Harddisk0\DR0\Partition1
21:21:32.0665 5504 \Device\Harddisk0\DR0\Partition1 - ok
21:21:32.0666 5504 ============================================================
21:21:32.0666 5504 Scan finished
21:21:32.0666 5504 ============================================================
21:21:32.0687 5316 Detected object count: 0
21:21:32.0688 5316 Actual detected object count: 0
21:22:51.0516 4460 Deinitialize success


MiniToolBox Report


MiniToolBox by Farbar Version: 22-07-2012
Ran by Administrator (administrator) on 22-07-2012 at 21:09:31
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost




108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com

There are 15237 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Broadcom 4322AG 802.11a/b/g/draft-n Wi-Fi Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Home-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Broadcom 4322AG 802.11a/b/g/draft-n Wi-Fi Adapter
Physical Address. . . . . . . . . : 00-21-00-D7-B1-DE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fcc4:6092:db38:5d9a%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, July 22, 2012 8:14:11 PM
Lease Expires . . . . . . . . . . : Monday, July 23, 2012 8:14:10 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 318775552
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-78-D4-6D-00-23-8B-AE-C8-0F
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-24-7E-43-11-CE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-23-8B-AE-C8-0F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{ECFF3402-AA72-4EB1-8A4D-E66676C6CB8B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : isatap.gateway.2wire.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{C8B4163F-78C3-4A6C-899F-65959D889964}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:4002:800::1006
74.125.227.9
74.125.227.14
74.125.227.0
74.125.227.1
74.125.227.2
74.125.227.3
74.125.227.4
74.125.227.5
74.125.227.6
74.125.227.7
74.125.227.8



Pinging google.com [74.125.227.34] with 32 bytes of data:

Reply from 74.125.227.34: bytes=32 time=38ms TTL=52

Reply from 74.125.227.34: bytes=32 time=27ms TTL=52



Ping statistics for 74.125.227.34:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 27ms, Maximum = 38ms, Average = 32ms

Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=58ms TTL=45

Reply from 209.191.122.70: bytes=32 time=58ms TTL=45



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 58ms, Maximum = 58ms, Average = 58ms

Server: home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
13 ...00 21 00 d7 b1 de ...... Broadcom 4322AG 802.11a/b/g/draft-n Wi-Fi Adapter
12 ...00 24 7e 43 11 ce ...... Bluetooth Device (Personal Area Network)
10 ...00 23 8b ae c8 0f ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
17 ...00 00 00 00 00 00 00 e0 isatap.{ECFF3402-AA72-4EB1-8A4D-E66676C6CB8B}
14 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
18 ...00 00 00 00 00 00 00 e0 isatap.gateway.2wire.net
16 ...00 00 00 00 00 00 00 e0 isatap.{C8B4163F-78C3-4A6C-899F-65959D889964}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.65 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.65 281
192.168.1.65 255.255.255.255 On-link 192.168.1.65 281
192.168.1.255 255.255.255.255 On-link 192.168.1.65 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.65 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.65 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::fcc4:6092:db38:5d9a/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [34304] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [44032] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/22/2012 08:14:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2012 04:39:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2012 04:37:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2012 04:24:00 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.

Error: (07/22/2012 04:14:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2012 03:26:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2012 02:57:14 PM) (Source: Application Hang) (User: )
Description: The program Aurora.scr version 6.0.6000.16386 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1340
Start Time: 01cd684402d3da23
Termination Time: 5124

Error: (07/22/2012 02:14:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2012 09:32:48 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.

Error: (07/22/2012 09:32:48 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.


System errors:
=============
Error: (07/22/2012 04:42:26 PM) (Source: Service Control Manager) (User: )
Description: Symantec Management Client%%1053

Error: (07/22/2012 04:42:26 PM) (Source: Service Control Manager) (User: )
Description: 30000Symantec Management Client

Error: (07/22/2012 04:41:50 PM) (Source: Service Control Manager) (User: )
Description: Symantec Management Client%%1053

Error: (07/22/2012 04:41:50 PM) (Source: Service Control Manager) (User: )
Description: 30000Symantec Management Client

Error: (07/22/2012 04:37:53 PM) (Source: Service Control Manager) (User: )
Description: Spybot-S&D 2 Security Center ServiceSecurity Center%%1069

Error: (07/22/2012 04:37:53 PM) (Source: Service Control Manager) (User: )
Description: Security Center%%1069

Error: (07/22/2012 04:37:53 PM) (Source: Service Control Manager) (User: )
Description: wscsvcNT AUTHORITY\LocalService%%1115

Error: (07/22/2012 04:37:48 PM) (Source: Service Control Manager) (User: )
Description: Group Policy Client

Error: (07/22/2012 04:16:05 PM) (Source: Service Control Manager) (User: )
Description: Symantec Management Client%%1053

Error: (07/22/2012 04:16:03 PM) (Source: Service Control Manager) (User: )
Description: 30000Symantec Management Client


Microsoft Office Sessions:
=========================
Error: (05/13/2011 02:24:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6698 seconds with 3060 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Agere Systems HDA Modem
Broadcom 802.11 Wireless LAN Adapter (Version: 5.30.20.0)
CCleaner (Version: 3.20)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (Version: 6.0.1.6204)
HP MediaSmart SmartMenu (Version: 2.0.8)
HP Smart Web Printing 4.60 (Version: 4.60)
Intel® Graphics Media Accelerator Driver
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
ProtectSmart Hard Drive Protection (Version: 3.10.1.7)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0)
Symantec Endpoint Protection (Version: 12.1.1000.157)
Synaptics Pointing Device Driver (Version: 13.0.4.0)
Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) (Version: 09/04/2008 2.6.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 4026.25 MB
Available physical RAM: 1915.31 MB
Total Pagefile: 8249.79 MB
Available Pagefile: 5956.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3994.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:285.62 GB) (Free:210.98 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.47 GB) (Free:1.98 GB) NTFS

========================= Users: ========================================

User accounts for \\HOME-PC

Administrator Guest Home


**** End of log ****



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:02:51 PM

Posted 23 July 2012 - 09:43 AM

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop and copy the contents of the text file into your reply


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log

Download

Rogue killer

Right-click on it and select Run as administrator

Now click on the HOSTS FIX option on the right side

A log should be generated after the fix; post the log here


Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#3 cms_matt

cms_matt
  • Topic Starter

  • Members
  • 6 posts
  • Local time:01:51 PM

Posted 24 July 2012 - 08:43 AM

Okay, that took all day and night to run, but the results are in!

ESET Report

C:\Windows\System32\config\systemprofile\AppData\Local\Temp\ICReinstall\cnet2_ComboFix_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined


Rogue Killer Log

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User: Administrator [Admin rights]
Mode: HOSTSFix -- Date: 07/24/2012 08:15:48

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
[...]


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt



FSS Report

Farbar Service Scanner Version: 22-07-2012
Ran by Administrator (administrator) on 24-07-2012 at 08:18:15
Running from "C:\Users\Administrator\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-12-03 13:12] - [2009-04-11 02:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-02-16 13:33] - [2012-01-03 09:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-09 06:46] - [2012-03-30 07:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E

C:\Windows\System32\dnsrslvr.dll
[2011-04-14 20:36] - [2011-03-02 11:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-12-03 13:12] - [2009-04-11 02:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-12-03 13:11] - [2009-04-11 02:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-12-03 13:12] - [2009-04-11 02:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-12-03 13:11] - [2009-04-11 02:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-12-03 13:12] - [2009-04-11 02:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll
[2009-12-03 13:12] - [2009-04-11 02:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-12-03 13:12] - [2009-04-11 02:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2012-06-14 07:02] - [2012-04-23 11:25] - 0174592 ____A (Microsoft Corporation) 62740B9D2A137E8CED41A9E4239A7A31

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-12-03 13:12] - [2009-04-11 02:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****


ADWCleaner Log

# AdwCleaner v1.703 - Logfile created 07/24/2012 at 08:22:48
# Updated 20/07/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Administrator - HOME-PC
# Running from : C:\Users\Administrator\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Home\AppData\LocalLow\Toolbar4
Deleted on reboot : C:\Users\Administrator\AppData\LocalLow\Toolbar4
Deleted on reboot : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\q6f0r3np.default\ConduitCommon
File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\q6f0r3np.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\q6f0r3np.default\searchplugins\fast-browser-search.xml
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\fast.xml

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\TBSB05810.IEToolbar
[*] Key Deleted : HKLM\SOFTWARE\Classes\TBSB05810.IEToolbar.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\TBSB05810.TBSB05810
[*] Key Deleted : HKLM\SOFTWARE\Classes\TBSB05810.TBSB05810.3
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB05810
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB05810.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Iminent

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\q6f0r3np.default\prefs.js

C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\q6f0r3np.default\user.js ... Deleted !


Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\lnnvaha3.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [25427 octets] - [24/07/2012 08:22:48]

########## EOF - C:\AdwCleaner[S1].txt - [25556 octets] ##########

#4 narenxp


Posted 24 July 2012 - 08:53 AM

Malwarebytes log?

#5 cms_matt


Posted 24 July 2012 - 09:03 AM

Sorry, forgot to post that one. Here you go!

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.23.11

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Administrator :: HOME-PC [administrator]

7/23/2012 5:56:52 PM
mbam-log-2012-07-23 (17-56-52).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 431101
Time elapsed: 4 hour(s), 47 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#6 narenxp


Posted 24 July 2012 - 09:27 AM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#7 cms_matt


Posted 24 July 2012 - 02:38 PM

That looks like it fixed it! Thanks so much for your time and assistance!

#8 narenxp


Posted 24 July 2012 - 08:31 PM

You're most welcome :)



