Google Redirecting on IExplorer


12 replies to this topic

#1 RoyalBlue52


Posted 15 June 2012 - 06:00 PM

Hello :)

I am having issues while using Google on Internet Explorer. When I try to google something, it redirects me to (http://infomash.org/100/11656/search.php?k=get%20vincent%20rio%20prelude&ts=1001SMA_M3&num=8&subid=263328-109938-27681&click=1562354861-4159.3899.4fdbb21e.2512) and (http://searchathon.com/search?q=get+vincent+rio+prelude), so in other words, Infomash and Searchathon.

When I try to go back to google.com by clicking the go back arrow it still redirects me to those other sites :(

I ran a full Norton scan and noticed that it would simply get stuck and not finish the scan. Also, I have had some startup issues either just before or at about the same time the redirecting started.

I also tried using HitmanPro and the problem still occurs.

This started happening within the last week and I am trying to get rid of it before it gets worse, please help >_<

Edited by RoyalBlue52, 15 June 2012 - 06:07 PM.




#2 narenxp


Posted 15 June 2012 - 06:14 PM

Download TDSSkiller

Launch it. Click on change parameters, then select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Edited by narenxp, 15 June 2012 - 06:14 PM.


#3 RoyalBlue52


Posted 18 June 2012 - 05:23 PM

Hi narenxp,

Thank you for responding so quickly, I thought it would take 3 days for someone to respond >.<

I did as requested so here are the following logs.

TDSSkiller Log:

15:39:32.0628 5960 Ntfs - ok
15:39:32.0664 5960 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
15:39:32.0729 5960 ntrigdigi - ok
15:39:32.0791 5960 nTuneService - ok
15:39:32.0805 5960 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
15:39:32.0867 5960 Null - ok
15:39:32.0973 5960 NVENETFD (d668632606d1cebf0b6ec64c1df7ed6f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
15:39:33.0115 5960 NVENETFD - ok
15:39:33.0782 5960 nvlddmkm (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:39:34.0384 5960 nvlddmkm - ok
15:39:34.0457 5960 NVR0Dev (812f257ed1cd53fcb1f9f9cc910f4809) C:\Windows\nvoclock.sys
15:39:34.0510 5960 NVR0Dev ( UnsignedFile.Multi.Generic ) - warning
15:39:34.0510 5960 NVR0Dev - detected UnsignedFile.Multi.Generic (1)
15:40:02.0334 5960 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:40:02.0641 5960 \Device\Harddisk0\DR0 - ok
15:40:02.0673 5960 Boot (0x1200) (ec80b913cbfed176b6b1ca3cc3d1a9b4) \Device\Harddisk0\DR0\Partition0
15:40:02.0675 5960 \Device\Harddisk0\DR0\Partition0 - ok
15:40:02.0678 5960 Boot (0x1200) (ed55f14e6f77fa3123849b2102e5006f) \Device\Harddisk0\DR0\Partition1
15:40:02.0680 5960 \Device\Harddisk0\DR0\Partition1 - ok
15:40:02.0681 5960 ============================================================
15:40:02.0681 5960 Scan finished
15:40:02.0681 5960 ============================================================
15:40:02.0693 3568 Detected object count: 2
15:40:02.0693 3568 Actual detected object count: 2
15:40:21.0634 3568 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:40:21.0634 3568 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:40:21.0635 3568 NVR0Dev ( UnsignedFile.Multi.Generic ) - skipped by user
15:40:21.0635 3568 NVR0Dev ( UnsignedFile.Multi.Generic ) - User select action: Skip

When I downloaded GMER it ran on its own at first and here is the log from that,

GMER log:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-06-18 15:51:33
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\00000066 WDC_WD50 rev.01.0
Running: GMER.exe; Driver: C:\Users\Pili\AppData\Local\Temp\pxldapod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Ip SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

---- EOF - GMER 1.0.15 ----

It did not seem to be a thorough scan so I tried running it again this time including both the C drive and D drive.
Then my computer crashed and I got a blue screen error and my computer restarted.
Here is the message after booting up:

Microsoft Windows has recovered from an unexpected shutdown
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 1033

Additional information about the problem:
BCCode: 50
BCP1: CF640000
BCP2: 00000000
BCP3: 80C3D794
BCP4: 00000000
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\Mini061812-01.dmp
C:\Users\Pili\AppData\Local\Temp\WER-83101-0.sysdata.xml
C:\Users\Pili\AppData\Local\Temp\WERE0EC.tmp.version.txt

Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409

So after I booted up I ran aswMBR.

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-18 16:03:09
-----------------------------
16:03:09.722 OS Version: Windows 6.0.6002 Service Pack 2
16:03:09.722 Number of processors: 4 586 0xF0B
16:03:09.723 ComputerName: PILI-PC UserName: Pili
16:03:49.066 Initialize success
16:04:36.033 AVAST engine defs: 12061801
16:05:06.282 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066
16:05:06.285 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 6
16:05:06.346 Disk 0 MBR read successfully
16:05:06.349 Disk 0 MBR scan
16:05:06.356 Disk 0 Windows VISTA default MBR code
16:05:06.359 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
16:05:06.376 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 112640
16:05:06.391 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 466644 MB offset 21084160
16:05:06.401 Disk 0 scanning sectors +976771072
16:05:06.707 Disk 0 scanning C:\Windows\system32\drivers
16:05:30.273 Service scanning
16:06:01.893 Modules scanning
16:06:10.176 Disk 0 trace - called modules:
16:06:10.536 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
16:06:10.542 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ca9408]
16:06:10.547 3 CLASSPNP.SYS[807978b3] -> nt!IofCallDriver -> [0x85284e00]
16:06:10.552 5 acpi.sys[806916bc] -> nt!IofCallDriver -> \Device\00000066[0x852bcc90]
16:06:11.931 AVAST engine scan C:\Windows
16:06:15.814 AVAST engine scan C:\Windows\system32
16:11:28.522 AVAST engine scan C:\Windows\system32\drivers
16:11:51.547 AVAST engine scan C:\Users\Pili
16:11:53.653 File: C:\Users\Pili\AppData\Local\Apple Computer\Apple\bjvavobwb.dll **INFECTED** Win32:Malware-gen
16:25:27.543 AVAST engine scan C:\ProgramData
16:31:52.114 Scan finished successfully
16:47:41.057 Disk 0 MBR has been saved successfully to "C:\Users\Pili\Desktop\MBR.dat"
16:47:41.057 The log file has been saved successfully to "C:\Users\Pili\Desktop\aswMBR log.txt"



I also noticed that it is no longer affecting just IExplorer but now also Google Chrome


Edited by RoyalBlue52, 18 June 2012 - 05:27 PM.


#4 narenxp

Posted 19 June 2012 - 12:20 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 RoyalBlue52

Posted 20 June 2012 - 01:41 AM

I ran Malwarebytes once because it did not find anything the first time.

ESET took over 4 hours to complete its scan but it did find 2 things :)
Here is the ESET result:

C:\Users\Pili\AppData\Local\Apple Computer\Apple\bjvavobwb.dll a variant of Win32/Kryptik.AGVE trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Pili\AppData\Local\Temp\NOD58C3.tmp a variant of Win32/Kryptik.AGVE trojan cleaned by deleting (after the next restart) - quarantined

And here is the Mini Tool Box result:


MiniToolBox by Farbar Version: 09-06-2012
Ran by Pili (administrator) on 20-06-2012 at 02:35:13
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Linksys WUSB100 RangePlus Wireless USB Adapter = Wireless Network Connection 4 (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Pili-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Wireless LAN adapter Wireless Network Connection 4:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Linksys WUSB100 RangePlus Wireless USB Adapter #4
Physical Address. . . . . . . . . : 00-1C-10-EB-96-C1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ac62:45c1:79cf:81ec%22(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 19, 2012 3:29:33 PM
Lease Expires . . . . . . . . . . : Thursday, June 21, 2012 2:28:23 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 486546448
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-3F-9E-6A-00-1E-C9-54-9F-78
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller #2
Physical Address. . . . . . . . . : 00-1E-C9-54-9F-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-1E-4C-CC-A3-31
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{454D6DD3-C67A-4FBB-B41E-0BBD78F65E5A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0EF57D43-D033-4996-9281-6E5480D00B9D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.Comcast
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : isatap.hsd1.fl.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2001:4860:800a::71
74.125.137.102
74.125.137.139
74.125.137.100
74.125.137.101
74.125.137.138
74.125.137.113

Pinging google.com [74.125.130.100] with 32 bytes of data:
Reply from 74.125.130.100: bytes=32 time=31ms TTL=46
Reply from 74.125.130.100: bytes=32 time=32ms TTL=46
Ping statistics for 74.125.130.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 32ms, Average = 31ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=51ms TTL=49
Reply from 209.191.122.70: bytes=32 time=50ms TTL=49
Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 51ms, Average = 50ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=8ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 8ms, Average = 5ms

===========================================================================
Interface List
22 ...00 1c 10 eb 96 c1 ...... Linksys WUSB100 RangePlus Wireless USB Adapter #4
20 ...00 1e c9 54 9f 78 ...... NVIDIA nForce Networking Controller #2
12 ...00 1e 4c cc a3 31 ...... Bluetooth Device (Personal Area Network)
1 ........................... Software Loopback Interface 1
21 ...00 00 00 00 00 00 00 e0 isatap.{454D6DD3-C67A-4FBB-B41E-0BBD78F65E5A}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
23 ...00 00 00 00 00 00 00 e0 isatap.{0EF57D43-D033-4996-9281-6E5480D00B9D}
17 ...00 00 00 00 00 00 00 e0 isatap.Comcast
24 ...00 00 00 00 00 00 00 e0 isatap.hsd1.fl.comcast.net.
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.104 281
192.168.1.104 255.255.255.255 On-link 192.168.1.104 281
192.168.1.255 255.255.255.255 On-link 192.168.1.104 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.104 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.104 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
22 281 fe80::/64 On-link
22 281 fe80::ac62:45c1:79cf:81ec/128
On-link
1 306 ff00::/8 On-link
22 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/19/2012 03:44:03 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.0.6002.18005 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: e48
Start Time: 01cd4e51df732ef1
Termination Time: 59888

Error: (06/19/2012 03:31:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 03:57:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 11:46:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2012 05:31:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2012 05:10:54 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\PILI\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\95SAJL0R\ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ.ZZZ> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/14/2012 05:10:54 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\PILI\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\95SAJL0R\ZZZZZZZZZZZZZZZZZ.ZZZ> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/14/2012 05:10:54 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\PILI\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\95SAJL0R\ZZZZZZ.ZZZ> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/14/2012 05:10:54 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\PILI\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\95SAJL0R\ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ.ZZZ> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/14/2012 05:10:38 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\PILI\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\95SAJL0R\ZZZZZZZZZZZZZZZZZZZZZZZZZZZZ.ZZZ> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (06/20/2012 02:08:29 AM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks

Error: (06/20/2012 02:07:59 AM) (Source: Service Control Manager) (User: )
Description: 30000SysMain

Error: (06/20/2012 02:07:29 AM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks

Error: (06/20/2012 00:20:48 AM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks

Error: (06/19/2012 11:12:03 PM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks

Error: (06/19/2012 03:31:08 PM) (Source: Service Control Manager) (User: )
Description: lxeaCATSCustConnectService%%1053

Error: (06/19/2012 03:31:08 PM) (Source: Service Control Manager) (User: )
Description: 30000lxeaCATSCustConnectService

Error: (06/18/2012 03:57:38 PM) (Source: Service Control Manager) (User: )
Description: lxeaCATSCustConnectService%%1053

Error: (06/18/2012 03:57:38 PM) (Source: Service Control Manager) (User: )
Description: 30000lxeaCATSCustConnectService

Error: (06/18/2012 03:55:50 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:54:21 PM on 6/18/2012 was unexpected.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 10 Plugin (Version: 10.0.42.34)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Reader 8.3.1 (Version: 8.3.1)
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.2)
Browser Address Error Redirector (Version: 1.00.0000)
CCleaner (Version: 3.16)
Comcast Universal Installer v1.2 (Version: 30)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Online (Version: 1.0.21)
Dell Dock (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Video Chat (remove only) (Version: 6.0 (6534))
Dell Webcam Center
Dell Webcam Manager
EDocs
ESET Online Scanner v3
Futurestream Client (Version: 2.2f3)
Google Chrome (Version: 19.0.1084.56)
Google Desktop (Version: 5.9.1005.12335)
Google Toolbar for Internet Explorer
GoToAssist Corporate (Version: 9.1.0.615)
HitmanPro 3.6 (Version: 3.6.0.156)
iTunes (Version: 10.4.1.10)
Java™ 6 Update 30 (Version: 6.0.300)
Lexmark Printable Web (Version: 1.0.0.0)
Lexmark S300-S400 Series
Lexmark Tools for Office (Version: 1.29.0.0)
Linksys WUSB100 RangePlus Wireless USB Adapter (Version: 1.0.0.7)
Live! Cam Avatar Creator (Version: 4.5.3104.1)
Live! Cam Avatar v1.0 (Version: 1.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
MSVCRT (Version: 15.4.2862.0708)
Norton Security Suite (Version: 4.4.0.12)
NVIDIA 3D Vision Controller Driver 285.62 (Version: 285.62)
NVIDIA 3D Vision Driver 285.62 (Version: 285.62)
NVIDIA Control Panel 285.62 (Version: 285.62)
NVIDIA Drivers
NVIDIA Graphics Driver 285.62 (Version: 285.62)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA Performance (Version: 1.00.0000)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.8562)
NVIDIA System Monitor (Version: 1.00.0000)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
OpenOffice.org 3.0 (Version: 3.0.9357)
Origin (Version: 8.4.1.210)
QualXServ Service Agreement (Version: 2.0.0)
QuickTime (Version: 7.70.80.34)
Realtek High Definition Audio Driver
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Segoe UI (Version: 15.4.2271.0615)
Skype Click to Call (Version: 5.10.9560)
Skype™ 5.9 (Version: 5.9.115)
Sword 2
System Requirements Lab
The Sims 2 Family Fun Stuff
The Sims 2 Glamour Life Stuff
The Sims 2 Nightlife
The Sims 2 Open For Business
The Sims 2 Pets
The Sims™ 2 Seasons
The Sims™ 3 (Version: 1.34.27)
The Sims™ 3 Ambitions (Version: 4.10.1)
The Sims™ 3 High-End Loft Stuff (Version: 3.6.6)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 World Adventures (Version: 2.4.7)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VoiceOver Kit (Version: 1.30.128.0)
WIDCOMM Bluetooth Software 6.0.1.4300 (Version: 6.0.1.4300)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
WinZip 16.5 (Version: 16.5.10095)

========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 2044.76 MB
Available physical RAM: 750.11 MB
Total Pagefile: 4332.53 MB
Available Pagefile: 2616.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.51 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:455.71 GB) (Free:352.42 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.7 GB) NTFS

========================= Users: ========================================

User accounts for \\PILI-PC

Administrator Guest Pili
UpdatusUser


**** End of log ****


#6 narenxp

Posted 20 June 2012 - 02:00 AM

I think we removed the file that was causing redirects

C:\Users\Pili\AppData\Local\Apple Computer\Apple\bjvavobwb.dll

Do you still have redirects? How is the PC behaving now?

#7 RoyalBlue52

Posted 20 June 2012 - 02:04 PM

I tried to use google from both IE and Chrome and they no longer redirect so far so that is wonderful :D

Now when I start up my computer I get this message
Posted Image

I have a few questions...

1. I read that the kryptik trojans have keyloggers aimed for financial information. Do you think with what we did, I am safe to use my credit card online again?

2. How can I stop that start up RunDLL message?

3. Is it a good idea to run one of those scans again to double check that everything is fine?

4. Do you recommend any program to help prevent things like what you just helped me with?

5. Should I keep any of the programs you told me to install or should I just uninstall all of them?

#8 narenxp

Posted 20 June 2012 - 03:12 PM

1. I read that the kryptik trojans have keyloggers aimed for financial information. Do you think with what we did, I am safe to use my credit card online again?

Change your passwords to be safe

#9 narenxp

Posted 20 June 2012 - 03:14 PM

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Post the contents of the text file here

Edited by narenxp, 20 June 2012 - 03:14 PM.
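
What a reviewer looks for in the Autoruns.txt requested above, shown as an added example (not part of the original post and not Sysinternals code): it parses the quoted four-column text layout as it appears in this thread and flags autostart entries whose target file is missing, or that have no publisher and load from a user-writable profile path. The sample rows, names and paths are constructed, and the two path heuristics are assumptions of this example.

```python
import re

# Assumed layout (as the export appears in this thread): four double-quoted
# columns per row. A row with no leading marker names an autostart location;
# a row with a marker such as "+" is an entry: name, description, publisher, image.
FIELD = re.compile(r'"([^"]*)"')
MISSING = "File not found:"
USER_WRITABLE = ("\\appdata\\", "\\temp\\")          # heuristic, assumption
LOGON_LOCATIONS = ("\\currentversion\\run", "\\start menu\\programs\\startup")

# Constructed sample rows; every name and path here is made up.
SAMPLE = r'''
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "VendorTray" "Vendor Tray Helper" "Example Vendor Inc." "c:\program files\vendor\tray.exe"
+ "OldUpdater" "" "" "File not found: C:\Program Files\OldApp\updater.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Helper" "" "" "File not found: C:\Users\example\AppData\Local\Some Vendor\Helper\qwxzkjvb.dll"
+ "Sync Client" "Sync Client Updater" "Example Vendor Inc." "c:\users\example\appdata\local\syncclient\update.exe"
+ "svc" "" "" "c:\users\example\appdata\roaming\svc\svc.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Archiver" "Archiver Shell Extension" "Example Vendor Inc." "c:\program files\archiver\shell.dll"
'''


def parse_autoruns(text):
    """Return one dict per entry row, tagged with the location row above it."""
    entries, location = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                      # blank line or not a four-column row
        marker = line[:line.index('"')].strip()
        if not marker:                    # no marker: this row is a location header
            location = fields[0]
            continue
        name, description, publisher, image = fields
        entries.append({
            "location": location, "marker": marker, "name": name,
            "description": description, "publisher": publisher, "image": image,
        })
    return entries


def triage(entries):
    """Return (entry, reasons) pairs for entries worth a manual look."""
    findings = []
    for e in entries:
        reasons = []
        image = e["image"]
        if image.startswith(MISSING):
            # Orphaned autostart: the value survives but its target is gone,
            # for example after a scanner deleted the file it pointed to.
            target = image[len(MISSING):].strip().lower()
            reasons.append("target file is missing on disk")
            if any(p in target for p in USER_WRITABLE):
                reasons.append("missing target was in a user-writable path")
        elif not e["publisher"] and any(p in image.lower() for p in USER_WRITABLE):
            # A named publisher (like the "Sync Client" row) is not flagged,
            # since legitimate per-user updaters also live under AppData.
            reasons.append("no publisher and image loads from a user-writable path")
        if reasons and any(h in e["location"].lower() for h in LOGON_LOCATIONS):
            reasons.append("starts at logon")
        if reasons:
            findings.append((e, reasons))
    return findings


if __name__ == "__main__":
    for entry, reasons in triage(parse_autoruns(SAMPLE)):
        print(f'{entry["location"]} -> {entry["name"]}')
        print(f'    image:   {entry["image"]}')
        print(f'    reasons: {"; ".join(reasons)}')
```

A flagged row is a prompt for review, not a verdict: a missing target in a Run key is often just leftover from an uninstalled program, so confirm what the value pointed to before deleting it.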


#10 RoyalBlue52

Posted 23 June 2012 - 12:09 AM

Here is the autoruns file:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Malwarebytes' Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamgui.exe"
+ "OEM05Mon.exe" "Live! Cam Console Auto Launcher" "Creative Technology Ltd." "c:\windows\oem05mon.exe"
+ "SunJavaUpdateSched" "" "" "File not found: C:\Program Files\Java\jre6\bin\jusched.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "WinZip Quick Pick.lnk" "WinZip Executable" "WinZip Computing, S.L." "c:\program files\winzip\wzqkpick32.exe"
"C:\Users\Pili\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apple" "" "" "File not found: C:\Users\Pili\AppData\Local\Apple Computer\Apple\bjvavobwb.dll"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\pili\appdata\local\google\update\googleupdate.exe"
+ "MsnMsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files\windows live\messenger\msnmsgr.exe"
+ "NVIDIA nTune" "NVIDIA nTune Command" "NVIDIA" "c:\program files\nvidia corporation\ntune\ntunecmd.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "BTW Setup Wizard" "BtWizard Module" "Broadcom Corporation." "c:\windows\system32\btwizard.dll"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\bushell.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\navshext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\windows\system32\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\bushell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\navshext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\bushell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "CBrowserHelperObject Object" "BAE.dll" "Dell Inc." "c:\program files\dell\bae\bae.dll"
+ "Google Dictionary Compression sdch" "Fast Search" "Google Inc." "c:\program files\google\google toolbar\component\fastsearch_219b3e1547538286.dll"
+ "Google Toolbar Helper" "" "" "c:\program files\google\google toolbar\googletoolbar.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Lexmark Printable Web" "" "" "c:\program files\lexmark printable web\bho.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "SSVHelper Class" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "Symantec Intrusion Prevention" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\ipsbho.dll"
+ "Symantec NCO BHO" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\coieplg.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&Google Toolbar" "" "" "c:\program files\google\google toolbar\googletoolbar.dll"
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\coieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2498473665-2842608117-3338555662-1000Core" "Google Installer" "Google Inc." "c:\users\pili\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2498473665-2842608117-3338555662-1000UA" "Google Installer" "Google Inc." "c:\users\pili\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\Symantec\Symantec Error Analyzer 4.4.0.12" "Symantec Error Reporting" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\symerr.exe"
+ "\{5BBF0CD8-4318-4B1E-A344-96C2E048B663}" "Skype " "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "GoogleDesktopManager-051210-111108" "Updates Google Desktop with the latest security fixes, enhancements and features. This service only runs occasionally and thus does not affect your computer's performance. If this service is stopped or disabled, Google Desktop may not function correctly." "Google" "c:\program files\google\google desktop search\googledesktop.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotoassist\615\g2aservice.exe"
+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "HitmanProScheduler" "HitmanPro Scheduler controls scheduled scans" "SurfRight B.V." "c:\program files\hitmanpro\hmpsched.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "lxea_device" "Printer Communication System" " " "c:\windows\system32\lxeacoms.exe"
+ "lxeaCATSCustConnectService" "Lexmark Connect Service Executable" "Lexmark International, Inc." "c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "N360" "Norton Security Suite" "Symantec Corporation" "c:\program files\norton security suite\engine\4.4.0.12\ccsvchst.exe"
+ "nTuneService" "Service to allow a remote administrator to access this machine for gathering information, and performing performance updates" "NVIDIA" "c:\program files\nvidia corporation\ntune\ntuneservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files\nvidia corporation\nvidia updatus\daemonu.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "RoxLiveShare9" "Allows remote users to view through WEB browsers your authorized multimedia content managed by Roxio Media Manager9." "" "File not found: C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "BHDrvx86" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20120619.001\bhdrvx86.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "ccHP" "Common Client Hash Provider Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\0404000.00c\cchpx86.sys"
+ "dwusbdnt" "Digit@lway Audio Player USB Driver" "Digit@lway Co., Ltd." "c:\windows\system32\drivers\dwusbdnt.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "IDSVix86" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20120622.001\idsvix86.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfebopk.sys"
+ "mfehidk" "Host Intrusion Detection Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdk" "VSCore Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdk.sys"
+ "mfesmfk" "System Monitor Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfesmfk.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20120622.019\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20120622.019\navex15.sys"
+ "netr28u" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28u.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmfdx32.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 285.62 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NVR0Dev" "NVidia System Utility Driver" "NVidia Corp." "c:\windows\nvoclock.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvrd32" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvrd32.sys"
+ "nvstor32" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor32.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "OEM05Afx" "Advanced Audio FX Driver" "Creative Technology Ltd." "c:\windows\system32\drivers\oem05afx.sys"
+ "OEM05Vfx" "Provides a software interface to control video effects of Monitor Webcam (SP2208WFP)." "EyePower Games Pte. Ltd." "c:\windows\system32\drivers\oem05vfx.sys"
+ "OEM05Vid" "Provides a software interface to control Monitor Webcam (SP2208WFP)." "Creative Technology Ltd." "c:\windows\system32\drivers\oem05vid.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial.sys"
+ "RLDesignVirtualAudioCableWdm" "" "" "c:\windows\system32\drivers\livecamv.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360\0404000.00c\srtsp.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360\0404000.00c\srtspx.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360\0404000.00c\symds.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360\0404000.00c\symefa.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SymIM" "Symantec Network Security Intermediate Filter Driver" "Symantec Corporation" "c:\windows\system32\drivers\symimv.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\0404000.00c\ironx86.sys"
+ "SYMTDIv" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\0404000.00c\symtdiv.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "XDva351" "" "" "File not found: C:\Windows\system32\XDva351.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "MSACM.MI-SC4" "" "" "File not found: MI-SC4.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Creative Video Effect" "" "Creative Technology Ltd." "c:\program files\creative\shared files\cteffect.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Mic-Array Source" "MicArray Dynamic Link Library" "Creative Technology Ltd." "c:\program files\creative\shared files\micarraysrc.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktopnetwork3.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "Citrix Online GoToAssist Corporate" "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotoassist\615\g2awinlogon.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor3_2" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm3_2.dll"
+ "S300-S400 Series Port" "Printer Communication System" " " "c:\windows\system32\lxealmpm.dll"
"C:\Users\Pili\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"
+ "Currency" "Convert from one currency to another." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Gadget.xml"
+ "Norton Security Status" "Norton Security Status" "Symantec Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Norton.Gadget\en-US\Gadget.xml"
+ "Pandora Radio" "Pandora radio is the personalized internet radio service that helps you find new music based on your old and current favorites. Create custom web radio stations, listen free." "Pandora Radio" "C:\Users\Pili\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Pandora[1].gadget\Gadget.xml"
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-US\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml"
+ "WinZip Gadget" "" "WinZip" "C:\Program Files\Windows Sidebar\Shared Gadgets\WinZip.Gadget\en-US\Gadget.xml"

#11 narenxp


Posted 23 June 2012 - 12:40 AM

Launch Autoruns and uncheck this entry:

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apple" "" "" "File not found: C:\Users\Pili\AppData\Local\Apple Computer\Apple\bjvavobwb.dll"

Restart the PC and check

Download TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your flash player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)
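
Added example, not part of the original posts: a small parser for the four-column Autoruns text export shown in post #10 that scores each row and surfaces the per-user Run entry singled out in post #11. The sample rows are copied from that export; the scoring heuristics, path lists and threshold are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass, field

# Sample rows copied from the Autoruns export in post #10 (a subset).
SAMPLE = r'''"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SunJavaUpdateSched" "" "" "File not found: C:\Program Files\Java\jre6\bin\jusched.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apple" "" "" "File not found: C:\Users\Pili\AppData\Local\Apple Computer\Apple\bjvavobwb.dll"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\pili\appdata\local\google\update\googleupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
'''

FIELD = re.compile(r'"([^"]*)"')
MISSING = "File not found: "

# Assumed heuristics for this example; they are not rules taken from
# Autoruns or from the thread.
LOGON_LOCATIONS = ("\\currentversion\\run", "\\start menu\\programs\\startup")
USER_WRITABLE = ("\\appdata\\", "\\temp\\")


@dataclass
class Entry:
    location: str      # registry key or folder the row belongs to
    name: str
    description: str
    publisher: str
    image: str         # target path with the "File not found: " prefix removed
    missing: bool      # True when Autoruns reported the target as not found
    reasons: list = field(default_factory=list)


def parse_export(text):
    """Turn the export into Entry objects, tracking the current location row."""
    entries, location = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                      # not a four-column row
        if not line.startswith("+"):
            location = fields[0]          # header row: a key or folder
            continue
        if location is None:
            continue                      # entry row with no preceding header
        name, desc, pub, image = fields
        missing = image.startswith(MISSING)
        if missing:
            image = image[len(MISSING):]
        entries.append(Entry(location, name, desc.strip(), pub.strip(),
                             image, missing))
    return entries


def score(entry):
    """Return the list of reasons an entry deserves a manual look."""
    loc, img = entry.location.lower(), entry.image.lower()
    reasons = []
    if entry.missing:
        reasons.append("target file missing")
    elif not entry.publisher:
        # Only meaningful when the file exists: a missing file has no
        # version info to read a publisher from.
        reasons.append("no publisher in version info")
    if any(p in img for p in USER_WRITABLE):
        reasons.append("image under a user-writable profile path")
    if img.endswith(".dll") and any(l in loc for l in LOGON_LOCATIONS):
        reasons.append("logon autostart pointing at a DLL")
    return reasons


def triage(entries, threshold=2):
    """Flag entries that accumulate at least `threshold` reasons."""
    flagged = []
    for e in entries:
        e.reasons = score(e)
        if len(e.reasons) >= threshold:
            flagged.append(e)
    return flagged


if __name__ == "__main__":
    for e in triage(parse_export(SAMPLE)):
        print(f"{e.location} -> {e.name}: {e.image}")
        for r in e.reasons:
            print(f"    - {r}")
```

Rows that are merely missing, such as the leftover Java updater or the IpInIp driver, score one reason and stay below the threshold; only the combination of signals on the HKCU Run row is flagged.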

#12 RoyalBlue52


Posted 26 June 2012 - 12:49 AM

Narenxp, I want to thank you SO much. You have been extremely helpful, professional and thorough. I am very grateful to you for helping me. I feel very lucky that you were able to solve the issue at hand in a relatively simple way as well. You must be a really great person to volunteer and help others like this.

Thanks & Praise :)

#13 narenxp


Posted 26 June 2012 - 02:08 AM

You're most welcome and thanks for your feedback :)



