Multiple Infections (midhos, bvxgen, dcminer and zaccess)


20 replies to this topic

#1 Logix69

Posted 05 August 2012 - 01:58 PM

Hi, I have done all I can think of to get rid of these but still have something remaining, but not sure what it is.

First I used Malwarebytes, and found the following:

Trojan Midhos
Trojan Midhos
Trojan Midhos
Trojan Midhos
Trojan 0access
Trojan Agent.BVXGen
Rootkit Zaccess
Trojan Dropper.BCMiner
Trojan Zaccess
Trojan Zaccess

Got rid of them, which I thought was too easy, but something still stayed. Every time I went online I could not look at anything to do with antivirus or even do an online scan. I am running an up-to-date AVG, and also have Malwarebytes and SUPERAntiSpyware, which are not all running at the same time.

I have used the software RKill and ComboFix, but when I look online I am still being sent to random sites and the computer is a little slow. Maybe I should make the kids use their computer from now on; what 2 hours of kids using a computer can do, lol.

Any help would be much appreciated.


#2 narenxp

Posted 05 August 2012 - 04:08 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET Online Scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Logix69

Posted 06 August 2012 - 01:41 AM

07:37:51.0523 4700 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
07:37:51.0719 4700 ============================================================
07:37:51.0719 4700 Current date / time: 2012/08/06 07:37:51.0719
07:37:51.0719 4700 SystemInfo:
07:37:51.0719 4700
07:37:51.0719 4700 OS Version: 6.0.6002 ServicePack: 2.0
07:37:51.0719 4700 Product type: Workstation
07:37:51.0719 4700 ComputerName: CARL-PC
07:37:51.0719 4700 UserName: Carl
07:37:51.0719 4700 Windows directory: C:\Windows
07:37:51.0719 4700 System windows directory: C:\Windows
07:37:51.0719 4700 Processor architecture: Intel x86
07:37:51.0719 4700 Number of processors: 4
07:37:51.0719 4700 Page size: 0x1000
07:37:51.0719 4700 Boot type: Normal boot
07:37:51.0719 4700 ============================================================
07:37:52.0491 4700 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (485.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:37:52.0511 4700 ============================================================
07:37:52.0511 4700 \Device\Harddisk0\DR0:
07:37:52.0512 4700 MBR partitions:
07:37:52.0512 4700 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
07:37:52.0512 4700 ============================================================
07:37:52.0529 4700 C: <-> \Device\Harddisk0\DR0\Partition0
07:37:52.0529 4700 ============================================================
07:37:52.0529 4700 Initialize success
07:37:52.0529 4700 ============================================================
07:38:29.0033 1876 ============================================================
07:38:29.0033 1876 Scan started
07:38:29.0033 1876 Mode: Manual; TDLFS;
07:38:29.0033 1876 ============================================================
07:38:38.0531 1876 PcaSvc - ok
07:38:38.0573 1876 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
07:38:38.0575 1876 pccsmcfd - ok
07:38:38.0596 1876 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
07:38:38.0599 1876 pci - ok
07:38:38.0609 1876 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
07:38:38.0611 1876 pciide - ok
07:38:38.0629 1876 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
07:38:38.0633 1876 pcmcia - ok
07:38:38.0683 1876 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
07:38:38.0693 1876 PEAUTH - ok
07:38:38.0784 1876 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
07:38:38.0804 1876 pla - ok
07:38:38.0867 1876 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
07:38:38.0872 1876 PlugPlay - ok
07:38:38.0908 1876 PnkBstrA (1713d9de407313138118d501b0e3c05b) C:\Windows\system32\PnkBstrA.exe
07:38:38.0912 1876 PnkBstrA - ok
07:38:38.0980 1876 PnkBstrB (27f1be4a53441c9f1f48b9adc145b0a5) C:\Windows\system32\PnkBstrB.exe
07:38:38.0984 1876 PnkBstrB - ok
07:38:39.0053 1876 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:38:39.0060 1876 PNRPAutoReg - ok
07:38:39.0067 1876 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
07:38:39.0074 1876 PNRPsvc - ok
07:38:39.0115 1876 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
07:38:39.0121 1876 PolicyAgent - ok
07:38:39.0160 1876 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
07:38:39.0162 1876 PptpMiniport - ok
07:38:39.0175 1876 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
07:38:39.0177 1876 Processor - ok
07:38:39.0188 1876 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
07:38:39.0191 1876 ProfSvc - ok
07:38:39.0211 1876 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:38:39.0214 1876 ProtectedStorage - ok
07:38:39.0235 1876 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
07:38:39.0237 1876 PSched - ok
07:38:39.0283 1876 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
07:38:39.0285 1876 PxHelp20 - ok
07:38:39.0339 1876 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
07:38:39.0353 1876 ql2300 - ok
07:38:39.0368 1876 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
07:38:39.0371 1876 ql40xx - ok
07:38:39.0397 1876 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
07:38:39.0403 1876 QWAVE - ok
07:38:39.0425 1876 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
07:38:39.0426 1876 QWAVEdrv - ok
07:38:39.0430 1876 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
07:38:39.0431 1876 RasAcd - ok
07:38:39.0443 1876 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
07:38:39.0447 1876 RasAuto - ok
07:38:39.0460 1876 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:38:39.0462 1876 Rasl2tp - ok
07:38:39.0478 1876 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
07:38:39.0484 1876 RasMan - ok
07:38:39.0498 1876 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
07:38:39.0499 1876 RasPppoe - ok
07:38:39.0505 1876 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
07:38:39.0507 1876 RasSstp - ok
07:38:39.0524 1876 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
07:38:39.0528 1876 rdbss - ok
07:38:39.0535 1876 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:38:39.0537 1876 RDPCDD - ok
07:38:39.0558 1876 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\drivers\rdpdr.sys
07:38:39.0563 1876 rdpdr - ok
07:38:39.0567 1876 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
07:38:39.0568 1876 RDPENCDD - ok
07:38:39.0618 1876 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
07:38:39.0632 1876 RDPWD - ok
07:38:39.0652 1876 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
07:38:39.0655 1876 RemoteAccess - ok
07:38:39.0681 1876 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
07:38:39.0684 1876 RemoteRegistry - ok
07:38:39.0726 1876 RimUsb (4f4a4c09cc5be58a76cac1c337e004e6) C:\Windows\system32\Drivers\RimUsb.sys
07:38:39.0737 1876 RimUsb - ok
07:38:39.0794 1876 RimVSerPort (3a5633ad615e2b15291bd0b1b97ccd8a) C:\Windows\system32\DRIVERS\RimSerial.sys
07:38:39.0803 1876 RimVSerPort - ok
07:38:39.0821 1876 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
07:38:39.0822 1876 ROOTMODEM - ok
07:38:39.0843 1876 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
07:38:39.0845 1876 RpcLocator - ok
07:38:39.0881 1876 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
07:38:39.0887 1876 RpcSs - ok
07:38:39.0894 1876 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
07:38:39.0896 1876 rspndr - ok
07:38:39.0926 1876 RTL8169 (58629139a5f17e4e74854c2eb39fe518) C:\Windows\system32\DRIVERS\Rtlh86.sys
07:38:39.0930 1876 RTL8169 - ok
07:38:39.0953 1876 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
07:38:39.0954 1876 SamSs - ok
07:38:39.0979 1876 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
07:38:39.0981 1876 sbp2port - ok
07:38:39.0999 1876 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
07:38:40.0002 1876 SCardSvr - ok
07:38:40.0049 1876 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\Windows\system32\drivers\SCDEmu.sys
07:38:40.0051 1876 SCDEmu - ok
07:38:40.0088 1876 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
07:38:40.0093 1876 Schedule - ok
07:38:40.0107 1876 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
07:38:40.0108 1876 SCPolicySvc - ok
07:38:40.0121 1876 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
07:38:40.0124 1876 SDRSVC - ok
07:38:40.0253 1876 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
07:38:40.0256 1876 SeaPort - ok
07:38:40.0276 1876 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
07:38:40.0277 1876 secdrv - ok
07:38:40.0290 1876 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
07:38:40.0293 1876 seclogon - ok
07:38:40.0304 1876 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
07:38:40.0308 1876 SENS - ok
07:38:40.0330 1876 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
07:38:40.0332 1876 Serenum - ok
07:38:40.0345 1876 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
07:38:40.0348 1876 Serial - ok
07:38:40.0371 1876 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
07:38:40.0373 1876 sermouse - ok
07:38:40.0459 1876 ServiceLayer (e802089fec30a95fdfd218995308f9b3) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
07:38:40.0468 1876 ServiceLayer - ok
07:38:40.0491 1876 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
07:38:40.0494 1876 SessionEnv - ok
07:38:40.0513 1876 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
07:38:40.0515 1876 sffdisk - ok
07:38:40.0524 1876 sffp_mmc (e5eafe85815bd89095fef3144a09ab68) C:\Windows\system32\drivers\sffp_mmc.sys
07:38:40.0526 1876 sffp_mmc - ok
07:38:40.0533 1876 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\drivers\sffp_sd.sys
07:38:40.0534 1876 sffp_sd - ok
07:38:40.0545 1876 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
07:38:40.0546 1876 sfloppy - ok
07:38:40.0583 1876 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
07:38:40.0587 1876 SharedAccess - ok
07:38:40.0637 1876 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
07:38:40.0642 1876 ShellHWDetection - ok
07:38:40.0664 1876 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
07:38:40.0666 1876 sisagp - ok
07:38:40.0682 1876 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
07:38:40.0684 1876 SiSRaid2 - ok
07:38:40.0692 1876 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
07:38:40.0694 1876 SiSRaid4 - ok
07:38:40.0808 1876 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
07:38:40.0827 1876 slsvc - ok
07:38:40.0891 1876 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
07:38:40.0895 1876 SLUINotify - ok
07:38:40.0918 1876 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
07:38:40.0921 1876 Smb - ok
07:38:40.0947 1876 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
07:38:40.0950 1876 SNMPTRAP - ok
07:38:41.0328 1876 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\Windows\system32\DRIVERS\snpstd3.sys
07:38:41.0494 1876 SNPSTD3 - ok
07:38:41.0569 1876 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
07:38:41.0571 1876 spldr - ok
07:38:41.0593 1876 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
07:38:41.0596 1876 Spooler - ok
07:38:41.0637 1876 sptd (d390675b8ce45e5fb359338e5e649329) C:\Windows\system32\Drivers\sptd.sys
07:38:41.0638 1876 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329
07:38:41.0639 1876 sptd ( LockedFile.Multi.Generic ) - warning
07:38:41.0639 1876 sptd - detected LockedFile.Multi.Generic (1)
07:38:45.0428 1876 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
07:38:45.0870 1876 \Device\Harddisk0\DR0 - ok
07:38:45.0874 1876 Boot (0x1200) (3d262b6c9f166b72a1a536c3103aa0a6) \Device\Harddisk0\DR0\Partition0
07:38:45.0876 1876 \Device\Harddisk0\DR0\Partition0 - ok
07:38:45.0877 1876 ============================================================
07:38:45.0877 1876 Scan finished
07:38:45.0877 1876 ============================================================
07:38:45.0888 5560 Detected object count: 1
07:38:45.0888 5560 Actual detected object count: 1
07:39:03.0540 5560 sptd ( LockedFile.Multi.Generic ) - skipped by user
07:39:03.0540 5560 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

#4 Logix69

Posted 06 August 2012 - 01:53 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-06 07:42:32
-----------------------------
07:42:32.732 OS Version: Windows 6.0.6002 Service Pack 2
07:42:32.733 Number of processors: 4 586 0x402
07:42:32.733 ComputerName: CARL-PC UserName: Carl
07:42:35.071 Initialize success
07:44:15.765 AVAST engine defs: 12080501
07:44:31.991 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
07:44:31.993 Disk 0 Vendor: Hitachi_HDT721050SLA360 ST3OA3AA Size: 476940MB BusType: 3
07:44:32.013 Disk 0 MBR read successfully
07:44:32.016 Disk 0 MBR scan
07:44:32.021 Disk 0 Windows VISTA default MBR code
07:44:32.024 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 485929 MB offset 63
07:44:32.032 Disk 0 scanning sectors +976752000
07:44:32.095 Disk 0 scanning C:\Windows\system32\drivers
07:44:39.498 Service scanning
07:44:40.743 Modules scanning
07:44:41.125 Disk 0 trace - called modules:
07:44:41.130 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8491a1e8]<<
07:44:41.132 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x860ee980]
07:44:41.136 3 CLASSPNP.SYS[8b1a08b3] -> nt!IofCallDriver -> [0x857ac918]
07:44:41.140 5 acpi.sys[827266bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x857bc528]
07:44:41.143 \Driver\atapi[0x857a44a8] -> IRP_MJ_CREATE -> 0x8491a1e8
07:44:41.215 AVAST engine scan C:\Windows
07:44:42.449 AVAST engine scan C:\Windows\system32
07:47:17.887 AVAST engine scan C:\Windows\system32\drivers
07:47:34.626 AVAST engine scan C:\Users\Carl
07:52:30.447 Disk 0 MBR has been saved successfully to "C:\Users\Carl\Desktop\MBR.dat"
07:52:30.448 The log file has been saved successfully to "C:\Users\Carl\Desktop\aswMBR.txt"

#5 Logix69

Posted 06 August 2012 - 03:05 AM

C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\mderyn.dll.vir a variant of Win32/Medfos.BL trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88}\U\00000004.@.vir Win32/Conedex.D trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88}\U\000000cb.@.vir Win32/Conedex.E trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88}\U\80000000.@.vir a variant of Win32/Sirefef.FA trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88}\U\80000032.@.vir a variant of Win32/Sirefef.FD trojan
C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir Win32/Sirefef.FB.Gen trojan
C:\Users\Carl\AppData\Local\{21B3F551-D976-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan

#6 Logix69

Posted 06 August 2012 - 03:50 AM

Just thought I would run another scan, as on the first one I didn't click delete infected files, so I changed the settings as well and have now found 11 infections. I will post the log as soon as it has finished.

#7 Logix69

Posted 06 August 2012 - 04:26 AM

C:\Program Files\Cheat Engine 6.1\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\mderyn.dll.vir a variant of Win32/Medfos.BL trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88}\U\00000004.@.vir Win32/Conedex.D trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88}\U\000000cb.@.vir Win32/Conedex.E trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88}\U\80000000.@.vir a variant of Win32/Sirefef.FA trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88}\U\80000032.@.vir a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir Win32/Sirefef.FB.Gen trojan deleted - quarantined
C:\Users\Carl\AppData\Local\{21B3F551-D976-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\Carl\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\66a26301-51117ea7 a variant of Java/TrojanDownloader.Agent.NEL trojan deleted - quarantined
C:\Users\Carl\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\1e426e61-5f5fd2ec Java/Exploit.CVE-2012-0507.V trojan deleted - quarantined
C:\Users\Carl\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\47363e7b-1076dd75 a variant of Java/JShrink.A application deleted - quarantined

#8 narenxp

Posted 06 August 2012 - 07:29 AM

Download

systemlook

Launch it, copy this script and paste it in the BOX

:filefind
services.exe
:folderfind
{df578d48-0eda-bc93-2cb7-08cc90813f88}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download adware cleaner

Launch it and click on Delete

Post the generated log

#9 Logix69

Posted 06 August 2012 - 07:49 AM

SystemLook 30.07.11 by jpshortstuff
Log created at 13:47 on 06/08/2012 by Carl
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\erdnt\cache\services.exe --a---- 279552 bytes [15:18 29/07/2012] [13:18 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
C:\Windows\System32\services.exe --a---- 279552 bytes [13:18 11/04/2009] [13:18 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [13:18 11/04/2009] [13:18 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B

========== folderfind ==========

Searching for "{df578d48-0eda-bc93-2cb7-08cc90813f88}"
C:\Qoobox\Quarantine\C\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88} d------ [14:53 29/07/2012]
C:\Users\Carl\AppData\Local\{df578d48-0eda-bc93-2cb7-08cc90813f88} d--hs-- [22:49 10/01/2012]
C:\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88} d------ [22:49 10/01/2012]

-= EOF =-

#10 Logix69

Posted 06 August 2012 - 10:00 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Carl (administrator) on 06-08-2012 at 15:57:02
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Carl-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-E0-4D-BA-5C-86
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::dc18:953a:90eb:a1ca%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 06 August 2012 15:07:10
Lease Expires . . . . . . . . . . : 07 August 2012 15:07:10
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 167829581
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-BF-92-48-00-E0-4D-BA-5C-86
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:839:64a:3f57:fffa(Preferred)
Link-local IPv6 Address . . . . . : fe80::839:64a:3f57:fffa%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: myrouter.home
Address: 192.168.0.1

Name: google.com
Addresses: 2a00:1450:4009:804::1000
173.194.34.134
173.194.34.135
173.194.34.136
173.194.34.137
173.194.34.142
173.194.34.128
173.194.34.129
173.194.34.130
173.194.34.131
173.194.34.132
173.194.34.133



Pinging google.com [173.194.34.133] with 32 bytes of data:

Reply from 173.194.34.133: bytes=32 time=24ms TTL=57

Reply from 173.194.34.133: bytes=32 time=26ms TTL=57



Ping statistics for 173.194.34.133:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 24ms, Maximum = 26ms, Average = 25ms

Server: myrouter.home
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=148ms TTL=52

Reply from 209.191.122.70: bytes=32 time=148ms TTL=52



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 148ms, Maximum = 148ms, Average = 148ms

Server: myrouter.home
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
10 ...00 e0 4d ba 5c 86 ...... Realtek PCIe GBE Family Controller
1 ........................... Software Loopback Interface 1
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 isatap.home
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.5 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.5 276
192.168.0.5 255.255.255.255 On-link 192.168.0.5 276
192.168.0.255 255.255.255.255 On-link 192.168.0.5 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.5 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.5 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 18 ::/0 On-link
1 306 ::1/128 On-link
11 18 2001::/32 On-link
11 266 2001:0:5ef5:79fb:839:64a:3f57:fffa/128
On-link
10 276 fe80::/64 On-link
11 266 fe80::/64 On-link
11 266 fe80::839:64a:3f57:fffa/128
On-link
10 276 fe80::dc18:953a:90eb:a1ca/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/06/2012 08:12:33 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 08:12:33 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 08:12:33 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 08:12:33 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 08:12:33 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 08:12:33 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 08:12:32 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 08:12:32 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 08:12:32 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\5> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 08:12:32 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CARL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\9BSQW8AB.DEFAULT\CACHE\5> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (08/06/2012 07:24:48 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 21:26:46 on 05/08/2012 was unexpected.

Error: (08/05/2012 08:57:07 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 20:53:07 on 05/08/2012 was unexpected.

Error: (07/29/2012 04:13:05 PM) (Source: DCOM) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

Error: (07/29/2012 04:13:03 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (07/29/2012 04:09:47 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (07/29/2012 04:03:02 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (07/29/2012 04:02:58 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (07/29/2012 04:00:17 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (07/29/2012 03:59:49 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (07/29/2012 03:59:33 PM) (Source: Service Control Manager) (User: )
Description: McAfee SiteAdvisor Service1


Microsoft Office Sessions:
=========================
Error: (03/16/2011 00:19:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
4Media HD Video Converter 6 (Version: 6.0.12.0914)
ACDSee Photo Manager 12 (Version: 12.0.344)
Adobe AIR (Version: 2.5.1.17730)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Dreamweaver CS4 (Version: 10.0)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Media Player (Version: 1.8)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Photoshop Elements 6.0 (Version: 6.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe XMP Panels CS4 (Version: 2.0)
Amazon Kindle
ANNO 2070 (Version: 1.0.0.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.4.0)
Ask Toolbar Updater (Version: 1.2.2.23821)
µTorrent (Version: 2.2.0)
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2178)
AviSynth 2.5
Bing Bar (Version: 7.0.609.0)
BitMeter
BlackBerry App World Browser Plugin (Version: 3.1.4.26)
BlackBerry Desktop Software 7.0 (Version: 7.0.0.59)
Bonjour (Version: 3.0.0.10)
calibre (Version: 0.8.5)
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
Cheat Engine 6.1
Connect (Version: 1.0.0.1)
ConvertXtoDVD 4.1.7.343 (Version: 4.1.7.343)
D3DX10 (Version: 15.4.2368.0902)
DivX Setup (Version: 2.6.1.8)
EASEUS Data Recovery Wizard Professional 4.3.6 (Version: 4.3.6)
ESET Online Scanner v3
Folder Lock
FVD Suite 3.0.0
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.115)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
kuler (Version: 2.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
ManyCam 3.0.80 (remove only) (Version: 3.0.80)
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee SiteAdvisor (Version: 3.5.227)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Mozilla Firefox 14.0.1 (x86 en-GB) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Mp3tag v2.49a (Version: v2.49a)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nokia Connectivity Cable Driver (Version: 7.1.69.0)
Nokia PC Suite (Version: 7.1.180.46)
Nokia Software Updater (Version: 3.0.605)
NVIDIA 3D Vision Driver 260.99 (Version: 260.99)
NVIDIA Control Panel 260.99 (Version: 260.99)
NVIDIA Graphics Driver 260.99 (Version: 260.99)
NVIDIA Install Application (Version: 2.0.14.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6099)
PC Connectivity Solution (Version: 11.5.22.0)
PDF Settings CS5 (Version: 10.0)
Photoshop Camera Raw (Version: 5.0)
PowerISO (Version: 4.7)
QuickTime (Version: 7.71.80.42)
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
RealUpgrade 1.1 (Version: 1.1.0)
RogueRemover 1.20 (Version: 1.20)
Roxio CinePlayer DVD Decoder for Windows Vista (Version: 1.0.0)
Segoe UI (Version: 15.4.2271.0615)
SIW version 1.73 (Version: 1.73)
Suite Shared Configuration CS4 (Version: 1.0)
System Requirements Lab
System Requirements Lab (Version: 4.1.71.0)
System Requirements Lab CYRI (Version: 4.4.26.0)
Ubisoft Game Launcher (Version: 1.0.0.0)
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
uTorrentBar Toolbar (Version: 6.6.0.19)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 1.1.5 (Version: 1.1.5)
Wajam (Version: 1.42)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
Xilisoft MP3 CD Burner (Version: 3.0.49.0911)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 3326.37 MB
Available physical RAM: 1695.91 MB
Total Pagefile: 6881.25 MB
Available Pagefile: 5176.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.18 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:485.75 GB) (Free:256.06 GB) NTFS

========================= Users: ========================================

User accounts for \\CARL-PC

Administrator Carl Guest

#11 Logix69

Posted 06 August 2012 - 10:03 AM

Farbar Service Scanner Version: 04-08-2012 01
Ran by Carl (administrator) on 06-08-2012 at 16:00:58
Running from "C:\Users\Carl\Small Software\Virus Treatment"
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-21 03:33] - [2008-01-21 03:33] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#12 Logix69

Posted 06 August 2012 - 10:17 AM

# AdwCleaner v1.800 - Logfile created 08/06/2012 at 16:04:26
# Updated 01/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : Carl - CARL-PC
# Running from : C:\Users\Carl\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : WajamUpdater

***** [Files / Folders] *****

Folder Deleted : C:\Users\Carl\AppData\Local\Conduit
Folder Deleted : C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Folder Deleted : C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\Carl\AppData\Local\Wajam
Folder Deleted : C:\Users\Carl\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Carl\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Carl\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Carl\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Carl\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Carl\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Carl\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Carl\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\Carl\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\9bsqw8ab.default\Conduit
Folder Deleted : C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\9bsqw8ab.default\ConduitEngine
Folder Deleted : C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\9bsqw8ab.default\CT2786678
Folder Deleted : C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\9bsqw8ab.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Folder Deleted : C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\9bsqw8ab.default\extensions\engine@conduit.com
Folder Deleted : C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\9bsqw8ab.default\extensions\toolbar@ask.com
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\uTorrentBar
Folder Deleted : C:\Program Files\Wajam
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Wajam
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/video2down/{541ECAA8-7F16-4B9A-856E-16B440FFD9A6} --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-GB)

Profile name : default
File : C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\9bsqw8ab.default\prefs.js

C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\9bsqw8ab.default\user.js ... Deleted !


*************************

AdwCleaner[S1].txt - [32203 octets] - [06/08/2012 16:04:26]

########## EOF - C:\AdwCleaner[S1].txt - [32332 octets] ##########

Cheers, I hope that's all done, and finally got rid of that bleep Babylon thing in IE. Cheers, if there is anything else you think I need to do just let me know, thx again.

#13 narenxp


Posted 06 August 2012 - 10:26 AM

Please update Malwarebytes and scan, post the clean log alone


Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Carl\AppData\Local\{df578d48-0eda-bc93-2cb7-08cc90813f88}
C:\Windows\Installer\{df578d48-0eda-bc93-2cb7-08cc90813f88}

delete the folders

Download

BITS

Launch it, click YES

Restart the PC, post the new FSS log

#14 Logix69


Posted 06 August 2012 - 10:49 AM

Just doing the scan, so be 1hr or so as got so many files on computer. Could I ask what the BITS registry software is?

#15 narenxp


Posted 06 August 2012 - 10:52 AM

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


That's part of your Windows services. You can read it here

http://en.wikipedia.org/wiki/Background_Intelligent_Transfer_Service



