Removal help needed - HELP!


10 replies to this topic

#1 pmarc


Posted 23 July 2012 - 07:07 AM

This FBI message pops up upon startup. Can't get rid of it - has taken over my pc!


#2 narenxp


Posted 23 July 2012 - 07:18 AM

Boot the PC into Safe Mode with Networking.

Download TDSSkiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 pmarc


Posted 23 July 2012 - 09:54 PM

ESET:
C:\Documents and Settings\John\Local Settings\temp\rool0_pk.exe Win32/Reveton.H trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\NetworkService\Application Data\Adobe\sp.Dll.vir a variant of Win32/Kryptik.AFQN trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{7A2A248A-E530-47DF-A0C5-A4237847A4D1}\RP1286\A0128804.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\System Volume Information\_restore{7A2A248A-E530-47DF-A0C5-A4237847A4D1}\RP1286\A0128805.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A29CB736-1944-4C96-8E2F-3B893BF76A2F}\RP1\A0000024.DLL a variant of Win32/Kryptik.AFQN trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{A29CB736-1944-4C96-8E2F-3B893BF76A2F}\RP10\A0011638.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A29CB736-1944-4C96-8E2F-3B893BF76A2F}\RP4\A0002384.exe probably a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A29CB736-1944-4C96-8E2F-3B893BF76A2F}\RP4\A0002385.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A29CB736-1944-4C96-8E2F-3B893BF76A2F}\RP4\A0002386.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A29CB736-1944-4C96-8E2F-3B893BF76A2F}\RP8\A0005761.rbf a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\WINDOWS\system32\Ipripv32.dll a variant of Win32/Wimpixo.AU trojan cleaned by deleting - quarantined
C:\WINDOWS\system32\USB3Sw32.dll a variant of Win32/Wimpixo.AU trojan cleaned by deleting (after the next restart) - quarantined


aswMBR:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-23 20:54:22
-----------------------------
20:54:22.968 OS Version: Windows 5.1.2600 Service Pack 3
20:54:22.968 Number of processors: 1 586 0x207
20:54:22.968 ComputerName: JOHN-DELL UserName: John
20:54:23.406 Initialize success
20:57:30.187 AVAST engine defs: 12072302
20:58:11.187 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:58:11.187 Disk 0 Vendor: WDC_WD400BB-75DEA0 05.03E05 Size: 38146MB BusType: 3
20:58:11.218 Disk 0 MBR read successfully
20:58:11.218 Disk 0 MBR scan
20:58:11.281 Disk 0 Windows XP default MBR code
20:58:11.281 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38138 MB offset 63
20:58:11.296 Disk 0 scanning sectors +78108030
20:58:11.375 Disk 0 scanning C:\WINDOWS\system32\drivers
20:58:27.453 Service scanning
20:58:35.625 Service Iprip C:\WINDOWS\system32\Ipripv32.dll **INFECTED** Win32:Zbot-OEO [Trj]
20:58:49.218 Modules scanning
20:58:53.734 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS**
20:58:54.234 Module: C:\WINDOWS\system32\ntdll.dll **SUSPICIOUS**
20:58:54.281 Disk 0 trace - called modules:
20:58:54.312 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
20:58:54.328 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82fd2ab8]
20:58:54.359 3 CLASSPNP.SYS[f8778fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82fd3b00]
20:58:55.343 AVAST engine scan C:\WINDOWS
20:59:06.750 AVAST engine scan C:\WINDOWS\system32
20:59:57.125 File: C:\WINDOWS\system32\Ipripv32.dll **INFECTED** Win32:Zbot-OEO [Trj]
21:01:21.968 File: C:\WINDOWS\system32\USB3Sw32.dll **INFECTED** Win32:Malware-gen
21:02:47.171 AVAST engine scan C:\WINDOWS\system32\drivers
21:03:09.437 AVAST engine scan C:\Documents and Settings\John
21:05:36.578 File: C:\Documents and Settings\John\Local Settings\temp\rool0_pk.exe **INFECTED** Win32:Rootkit-gen [Rtk]
21:06:10.015 AVAST engine scan C:\Documents and Settings\All Users
21:06:38.828 Scan finished successfully
21:07:03.109 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\John\Desktop\today\MBR.dat"
21:07:03.125 The log file has been saved successfully to "C:\Documents and Settings\John\Desktop\today\aswMBR.txt"


TDSSKILLER:
20:51:12.0109 2024 SysmonLog - ok
20:51:12.0203 2024 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
20:51:12.0234 2024 TapiSrv - ok
20:51:12.0343 2024 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:51:12.0390 2024 Tcpip - ok
20:51:12.0484 2024 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:51:12.0484 2024 TDPIPE - ok
20:51:12.0546 2024 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:51:12.0546 2024 TDTCP - ok
20:51:12.0593 2024 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:51:12.0593 2024 TermDD - ok
20:51:12.0718 2024 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
20:51:12.0734 2024 TermService - ok
20:51:12.0843 2024 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:51:12.0843 2024 Themes - ok
20:51:12.0953 2024 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
20:51:12.0984 2024 TlntSvr - ok
20:51:13.0015 2024 TosIde - ok
20:51:13.0078 2024 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
20:51:13.0093 2024 TrkWks - ok
20:51:13.0203 2024 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:51:13.0234 2024 Udfs - ok
20:51:13.0281 2024 ultra - ok
20:51:13.0406 2024 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:51:13.0437 2024 Update - ok
20:51:13.0531 2024 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
20:51:13.0578 2024 upnphost - ok
20:51:13.0640 2024 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
20:51:13.0640 2024 UPS - ok
20:51:13.0859 2024 UrlFilter (62551ba687f1d0f582810cfa37384bb0) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
20:51:13.0859 2024 UrlFilter - ok
20:51:13.0937 2024 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:51:13.0937 2024 usbccgp - ok
20:51:14.0031 2024 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:51:14.0031 2024 usbehci - ok
20:51:14.0093 2024 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:51:14.0109 2024 usbhub - ok
20:51:14.0156 2024 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:51:14.0156 2024 usbprint - ok
20:51:14.0234 2024 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:51:14.0234 2024 usbscan - ok
20:51:14.0265 2024 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:51:14.0265 2024 USBSTOR - ok
20:51:14.0328 2024 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:51:14.0328 2024 usbuhci - ok
20:51:14.0390 2024 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:51:14.0390 2024 VgaSave - ok
20:51:14.0468 2024 ViaIde - ok
20:51:14.0578 2024 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
20:51:14.0578 2024 Viewpoint Manager Service - ok
20:51:14.0671 2024 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
20:51:14.0671 2024 VolSnap - ok
20:51:14.0796 2024 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
20:51:14.0859 2024 VSS - ok
20:51:15.0140 2024 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
20:51:15.0187 2024 vToolbarUpdater11.2.0 - ok
20:51:15.0312 2024 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
20:51:15.0328 2024 W32Time - ok
20:51:15.0468 2024 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:51:15.0468 2024 Wanarp - ok
20:51:15.0546 2024 WDICA - ok
20:51:15.0609 2024 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:51:15.0640 2024 wdmaud - ok
20:51:15.0734 2024 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
20:51:15.0750 2024 WebClient - ok
20:51:15.0906 2024 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:51:15.0921 2024 winmgmt - ok
20:51:16.0093 2024 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
20:51:16.0125 2024 WmdmPmSN - ok
20:51:16.0250 2024 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
20:51:16.0281 2024 Wmi - ok
20:51:16.0375 2024 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:51:16.0406 2024 WmiApSrv - ok
20:51:16.0500 2024 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:51:16.0500 2024 WS2IFSL - ok
20:51:16.0562 2024 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
20:51:16.0578 2024 wscsvc - ok
20:51:16.0671 2024 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
20:51:16.0687 2024 wuauserv - ok
20:51:16.0812 2024 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
20:51:16.0843 2024 WZCSVC - ok
20:51:16.0953 2024 XE103Sp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\XE103Sp50.sys
20:51:16.0953 2024 XE103Sp50 - ok
20:51:17.0062 2024 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
20:51:17.0093 2024 xmlprov - ok
20:51:17.0265 2024 {6080A529-897E-4629-A488-ABA0C29B635E} (afeffe0f8805fcd47b05cf1fbde08092) C:\WINDOWS\system32\drivers\ialmsbw.sys
20:51:17.0281 2024 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
20:51:17.0343 2024 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (85a36991a5ceaf9e65c4b743210e759b) C:\WINDOWS\system32\drivers\ialmkchw.sys
20:51:17.0359 2024 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
20:51:17.0421 2024 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:51:18.0156 2024 \Device\Harddisk0\DR0 - ok
20:51:18.0203 2024 MBR (0x1B8) (8ff255184f078c9c04e6a2ce66117c5c) \Device\Harddisk1\DR2
20:51:18.0703 2024 \Device\Harddisk1\DR2 - ok
20:51:18.0750 2024 Boot (0x1200) (f96bf034bca004d95447bef99a57612b) \Device\Harddisk0\DR0\Partition0
20:51:18.0750 2024 \Device\Harddisk0\DR0\Partition0 - ok
20:51:18.0796 2024 Boot (0x1200) (a03aee5f5d01b6275fbde1a6a0af3ff6) \Device\Harddisk1\DR2\Partition0
20:51:18.0796 2024 \Device\Harddisk1\DR2\Partition0 - ok
20:51:18.0812 2024 ============================================================
20:51:18.0812 2024 Scan finished
20:51:18.0812 2024 ============================================================
20:51:18.0890 2016 Detected object count: 0
20:51:18.0890 2016 Actual detected object count: 0
20:53:00.0015 1848 Deinitialize success

Edited by pmarc, 23 July 2012 - 10:01 PM.


#4 narenxp

Posted 24 July 2012 - 01:09 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete.

Post the generated log.

#5 pmarc

Posted 24 July 2012 - 09:01 AM

# AdwCleaner v1.703 - Logfile created 07/24/2012 at 09:20:27
# Updated 20/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : John - JOHN-DELL
# Running from : C:\Documents and Settings\John\Desktop\today\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service
Stopped & Deleted : vToolbarUpdater11.2.0

***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\John\Local Settings\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\John\Local Settings\Application Data\Conduit
Folder Deleted : C:\DOCUME~1\John\LOCALS~1\Temp\avg@toolbar
Folder Deleted : C:\Documents and Settings\John\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\John\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\9dcib5du.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\webbooster@iminent.com
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\9dcib5du.default\searchplugins\Askcom.xml
File Deleted : C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\9dcib5du.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3070524 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={48862C7D-3CA7-4DCD-93F9-C63881F1A43E}&mid=caf5c484e91747d1b400d1e8f6d4cc66-cfc07a1c33c1d1c617c70627ee82b4f5243f3eb6&lang=en&ds=AVG&pr=fr&d=2012-06-28 14:21:53&v=11.1.0.12&sap=nt --> hxxp://www.google.com

-\\ Mozilla Firefox v6.0 (en-US)

Profile name : default
File : C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\9dcib5du.default\prefs.js

C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\9dcib5du.default\user.js ... Deleted !

Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_parent_zoneid.value", "%2213620%22");
Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp1950.1950.cookie._GPL_zoneid.value", "%2216021%22");
Deleted : user_pref("extensions.crossriderapp1950.1950.description", "RewardsArcade allows you to play multipl[...]
Deleted : user_pref("extensions.crossriderapp1950.1950.domain", "www.rewardsarcade.com");
Deleted : user_pref("extensions.crossriderapp1950.1950.emailsig", "");
Deleted : user_pref("extensions.crossriderapp1950.1950.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp1950.1950.exposesites", "");
Deleted : user_pref("extensions.crossriderapp1950.1950.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp1950.1950.group", 0);
Deleted : user_pref("extensions.crossriderapp1950.1950.homepage", "");
Deleted : user_pref("extensions.crossriderapp1950.1950.iframe", false);
Deleted : user_pref("extensions.crossriderapp1950.1950.js", "\n\nvar _GPL_PID = 18;\n\n(function($) { \n\n [...]
Deleted : user_pref("extensions.crossriderapp1950.1950.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp1950.1950.name", "RewardsArcade Suite");
Deleted : user_pref("extensions.crossriderapp1950.1950.newtab", "");
Deleted : user_pref("extensions.crossriderapp1950.1950.opensearch", "");
Deleted : user_pref("extensions.crossriderapp1950.1950.premium", true);
Deleted : user_pref("extensions.crossriderapp1950.1950.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp1950.1950.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp1950.1950.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp1950.1950.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp1950.1950.thankyou", "hxxp://www.rewardsarcade.com/r.php?app_id=1[...]
Deleted : user_pref("extensions.crossriderapp1950.1950.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp1950.1950.ver", 17);
Deleted : user_pref("extensions.crossriderapp1950.apps", "1950");
Deleted : user_pref("extensions.crossriderapp1950.bic", "134f3900a5a81f182e9fbf198f11aace");
Deleted : user_pref("extensions.crossriderapp1950.cid", 1950);
Deleted : user_pref("extensions.crossriderapp1950.firstrun", false);
Deleted : user_pref("extensions.crossriderapp1950.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp1950.installationdate", 1326936230);
Deleted : user_pref("extensions.crossriderapp1950.jsver", 3);
Deleted : user_pref("extensions.crossriderapp1950.lastcheck", 22118650);
Deleted : user_pref("extensions.crossriderapp1950.lastcheckitem", 22118651);
Deleted : user_pref("extensions.crossriderapp1950.misc.lastBgWorkerTimer", "1327100510706");
Deleted : user_pref("extensions.crossriderapp1950.misc.lastDomWorkerTimer", "1327100510702");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B94aa3a56-b4a6-4898-ad80-0d3efa18dd6d%[...]

*************************

AdwCleaner[S1].txt - [27456 octets] - [24/07/2012 09:20:27]

########## EOF - C:\AdwCleaner[S1].txt - [27585 octets] ##########



Farbar Service Scanner Version: 22-07-2012
Ran by John (administrator) on 24-07-2012 at 09:18:34
Running from "C:\Documents and Settings\John\Desktop\today"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall value. The value does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Avgtdix(12) Gpc(3) IPSec(5) NetBT(11) NwlnkIpx(8) NwlnkNb(9) PSched(7) Tcpip(4)
0x0F0000000500000001000000020000000300000004000000560000000A0000005A00000006000000070000000800000009000000570000000C0000000B000000
IpSec Tag value is correct.

**** End of log ****


MiniToolBox by Farbar Version: 23-07-2012
Ran by John (administrator) on 24-07-2012 at 10:00:59
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/1000 MT Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : John-Dell

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : home



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : home

Description . . . . . . . . . . . : Intel® PRO/1000 MT Network Connection

Physical Address. . . . . . . . . : 00-08-74-DC-8D-02

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.3

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

NetBIOS over Tcpip. . . . . . . . : Disabled

Lease Obtained. . . . . . . . . . : Tuesday, July 24, 2012 9:22:28 AM

Lease Expires . . . . . . . . . . : Wednesday, July 25, 2012 9:22:28 AM

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.43.3, 173.194.43.4, 173.194.43.5, 173.194.43.6
173.194.43.1, 173.194.43.0, 173.194.43.7, 173.194.43.8, 173.194.43.2
173.194.43.14, 173.194.43.9



Pinging google.com [74.125.226.201] with 32 bytes of data:



Reply from 74.125.226.201: bytes=32 time=17ms TTL=54

Reply from 74.125.226.201: bytes=32 time=16ms TTL=54



Ping statistics for 74.125.226.201:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 16ms, Maximum = 17ms, Average = 16ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=234ms TTL=48

Reply from 98.139.183.24: bytes=32 time=226ms TTL=48



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 226ms, Maximum = 234ms, Average = 230ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 08 74 dc 8d 02 ...... Intel® PRO/1000 MT Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.3 192.168.1.3 10
192.168.1.3 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.1.255 255.255.255.255 192.168.1.3 192.168.1.3 10
224.0.0.0 240.0.0.0 192.168.1.3 192.168.1.3 10
255.255.255.255 255.255.255.255 192.168.1.3 192.168.1.3 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/23/2012 03:17:23 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 6.0.2900.5512, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [iexplore.exe!ws!]

Error: (07/23/2012 03:14:24 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [iexplore.exe!ws!]

Error: (07/23/2012 03:14:09 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [iexplore.exe!ws!]

Error: (07/23/2012 03:06:41 PM) (Source: MsiInstaller) (User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.

Error: (07/10/2012 09:53:20 AM) (Source: MsiInstaller) (User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.

Error: (07/10/2012 09:53:17 AM) (Source: MsiInstaller) (User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.

Error: (07/10/2012 09:51:12 AM) (Source: MsiInstaller) (User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.

Error: (06/29/2012 00:01:08 PM) (Source: Application Error) (User: )
Description: Faulting application mspaint.exe, version 5.1.2600.5512, faulting module imm32.dll, version 5.1.2600.5512, fault address 0x00014769.
Processing media-specific event for [mspaint.exe!ws!]

Error: (06/29/2012 10:34:59 AM) (Source: MsiInstaller) (User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

Error: (04/15/2012 05:10:50 PM) (Source: MsiInstaller) (User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.


System errors:
=============
Error: (07/19/2012 11:32:17 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126

Error: (07/19/2012 11:32:07 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126

Error: (07/19/2012 11:31:57 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126

Error: (07/19/2012 11:31:47 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126

Error: (07/19/2012 11:31:38 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126

Error: (07/19/2012 11:31:27 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126

Error: (07/19/2012 11:31:17 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126

Error: (07/19/2012 11:31:07 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126

Error: (07/19/2012 11:30:58 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126

Error: (07/19/2012 11:30:47 AM) (Source: Service Control Manager) (User: )
Description: The USB3 Service service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (07/23/2012 03:17:23 PM) (Source: Application Error)(User: )
Description: iexplore.exe6.0.2900.55120.0.0.000000000

Error: (07/23/2012 03:14:24 PM) (Source: Application Error)(User: )
Description: iexplore.exe6.0.2900.5512unknown0.0.0.000000000

Error: (07/23/2012 03:14:09 PM) (Source: Application Error)(User: )
Description: iexplore.exe6.0.2900.5512unknown0.0.0.000000000

Error: (07/23/2012 03:06:41 PM) (Source: MsiInstaller)(User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.(NULL)(NULL)(NULL)

Error: (07/10/2012 09:53:20 AM) (Source: MsiInstaller)(User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.(NULL)(NULL)(NULL)

Error: (07/10/2012 09:53:17 AM) (Source: MsiInstaller)(User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.(NULL)(NULL)(NULL)

Error: (07/10/2012 09:51:12 AM) (Source: MsiInstaller)(User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.(NULL)(NULL)(NULL)

Error: (06/29/2012 00:01:08 PM) (Source: Application Error)(User: )
Description: mspaint.exe5.1.2600.5512imm32.dll5.1.2600.551200014769

Error: (06/29/2012 10:34:59 AM) (Source: MsiInstaller)(User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.(NULL)(NULL)(NULL)

Error: (04/15/2012 05:10:50 PM) (Source: MsiInstaller)(User: JOHN-DELL)JOHN-DELL
Description: Product: Microsoft Office XP Small Business -- Error 1911. Setup cannot register type library for file C:\Program Files\Microsoft Office\Office10\EXCEL.EXE. Contact your computer manufacturer's product support for assistance.(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 10 Plugin (Version: 10.1.53.64)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 2012.0.2197)
Belkin F7D1101 Basic Wireless USB Adapter (Version: 1.0.0.4)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
Compatibility Pack for the 2007 Office system (Version: 12.0.6021.5000)
ESET Online Scanner v3
File Type Assistant
Foxit Reader (Version: 4.0.0.619)
Free File Viewer 2011
HijackThis 2.0.2 (Version: 2.0.2)
Intel® Extreme Graphics Driver
Intel® PRO Ethernet Adapter and Software
IObit Malware Fighter (Version: 1.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Lagarith lossless video codec (Remove Only)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Small Business (Version: 10.0.2627.01)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Mozilla Firefox 6.0 (x86 en-US) (Version: 6.0)
Mozilla Thunderbird 14.0 (x86 en-US) (Version: 14.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NETGEAR XET1001 Powerline Encryption Utility (Version: 1.0.0.1)
O&O CleverCache (Version: 7.1.2737)
QuickTime (Version: 7.65.17.80)
SoundMAX
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB976749) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.5.0530.0)
Windows Management Framework Core
Windows XP Service Pack 3 (Version: 20080414.031525)
Wondershare DVD Slideshow Builder Deluxe(Build 6.1.10.62) (Version: 6.1.10.62)

========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 509.99 MB
Available physical RAM: 233.54 MB
Total Pagefile: 862.73 MB
Available Pagefile: 649.18 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.84 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.24 GB) (Free:17.54 GB) NTFS
3 Drive d: (My Passport) (Fixed) (Total:232.83 GB) (Free:207.12 GB) FAT32

========================= Users: ========================================

User accounts for \\

Administrator ASPNET Guest
HelpAssistant John SUPPORT_388945a0


**** End of log ****

#6 narenxp


Posted 24 July 2012 - 09:30 AM

Malwarebytes log?

#7 pmarc


Posted 24 July 2012 - 12:00 PM

In safe mode it was clean. Want it anyway? Thanks.

Will have to run it again.

#8 pmarc


Posted 24 July 2012 - 06:29 PM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.24.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
John :: JOHN-DELL [administrator]

7/24/2012 5:20:51 PM
mbam-log-2012-07-24 (17-20-51).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 265767
Time elapsed: 1 hour(s), 12 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 narenxp


Posted 24 July 2012 - 08:37 PM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://support.microsoft.com/kb/310405

Update your Flash Player.

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#10 pmarc


Posted 25 July 2012 - 02:16 PM

OK. Thanks a lot and good luck.

#11 narenxp


Posted 25 July 2012 - 03:42 PM

You're welcome :)



