Redirecting web searches/Mozilla not opening


16 replies to this topic

#1 haser77


Posted 13 August 2012 - 09:57 PM

Whenever I go to Google on Internet Explorer or Mozilla Firefox in order to find information on a person, topic, etc., the browser redirects itself to a different website, to something called "forex.com". Also, Mozilla Firefox does not pop up when I click on it.


#2 narenxp


Posted 13 August 2012 - 10:03 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 haser77


Posted 17 August 2012 - 01:06 PM

TDS Killer Results

13:58:48.0343 4444 NAVENG - ok
13:58:48.0418 4444 [ 9a9ab2fc45d701daed465d14980f1305 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.1.8\Definitions\VirusDefs\20120816.048\EX64.SYS
13:58:48.0437 4444 NAVEX15 - ok
13:58:48.0518 4444 [ c38b8ae57f78915905064a9a24dc1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:58:48.0531 4444 NDIS - ok
13:58:48.0552 4444 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:58:48.0554 4444 NdisCap - ok
13:58:48.0576 4444 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:58:48.0577 4444 NdisTapi - ok
13:58:48.0591 4444 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:58:48.0593 4444 Ndisuio - ok
13:58:48.0606 4444 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:58:48.0609 4444 NdisWan - ok
13:58:48.0639 4444 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:58:48.0641 4444 NDProxy - ok
13:58:48.0663 4444 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:58:48.0664 4444 NetBIOS - ok
13:58:48.0680 4444 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:58:48.0684 4444 NetBT - ok
13:58:48.0699 4444 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
13:58:48.0700 4444 Netlogon - ok
13:58:48.0749 4444 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
13:58:48.0756 4444 Netman - ok
13:58:48.0792 4444 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
13:58:48.0798 4444 netprofm - ok
13:58:48.0903 4444 [ a98071e3e1e5e503462cc9e0ded91a36 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
13:58:48.0926 4444 netr28x - ok
13:58:48.0951 4444 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:58:48.0954 4444 NetTcpPortSharing - ok
13:58:48.0990 4444 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:58:48.0992 4444 nfrd960 - ok
13:58:49.0035 4444 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:58:49.0039 4444 NlaSvc - ok
13:58:49.0172 4444 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:58:49.0174 4444 Npfs - ok
13:58:49.0221 4444 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:58:49.0223 4444 nsi - ok
13:58:49.0236 4444 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:58:49.0237 4444 nsiproxy - ok
13:58:49.0305 4444 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:58:49.0325 4444 Ntfs - ok
13:58:49.0331 4444 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
13:58:49.0332 4444 Null - ok
13:58:49.0385 4444 [ a85b4f2ef3a7304a5399ef0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
13:58:49.0393 4444 NVENETFD - ok
13:58:49.0439 4444 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:58:49.0442 4444 nvraid - ok
13:58:49.0462 4444 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:58:49.0465 4444 nvstor - ok
13:58:49.0531 4444 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:58:49.0534 4444 nv_agp - ok
13:58:49.0566 4444 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:58:49.0568 4444 ohci1394 - ok
13:58:49.0644 4444 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:58:49.0648 4444 ose - ok
13:58:49.0890 4444 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:58:50.0183 4444 osppsvc - ok
13:58:50.0267 4444 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:58:50.0274 4444 p2pimsvc - ok
13:58:50.0337 4444 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:58:50.0345 4444 p2psvc - ok
13:58:50.0382 4444 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys
13:58:50.0385 4444 Parport - ok
13:58:50.0412 4444 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:58:50.0414 4444 partmgr - ok
13:58:50.0537 4444 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:58:50.0541 4444 PcaSvc - ok
13:58:50.0573 4444 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
13:58:50.0577 4444 pci - ok
13:58:50.0723 4444 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
13:58:50.0725 4444 pciide - ok
13:58:50.0749 4444 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:58:50.0754 4444 pcmcia - ok
13:58:50.0784 4444 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:58:50.0786 4444 pcw - ok
13:58:50.0808 4444 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:58:50.0819 4444 PEAUTH - ok
13:58:50.0912 4444 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:58:50.0915 4444 PerfHost - ok
13:58:51.0094 4444 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
13:58:51.0117 4444 pla - ok
13:58:51.0350 4444 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:58:51.0359 4444 PlugPlay - ok
13:58:51.0382 4444 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:58:51.0384 4444 PNRPAutoReg - ok
13:58:51.0409 4444 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:58:51.0412 4444 PNRPsvc - ok
13:58:51.0454 4444 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:58:51.0461 4444 PolicyAgent - ok
13:58:51.0503 4444 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
13:58:51.0507 4444 Power - ok
13:58:51.0683 4444 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:58:51.0688 4444 PptpMiniport - ok
13:58:51.0705 4444 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys
13:58:51.0709 4444 Processor - ok
13:58:51.0738 4444 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:58:51.0743 4444 ProfSvc - ok
13:58:51.0760 4444 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:58:51.0761 4444 ProtectedStorage - ok
13:58:51.0868 4444 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:58:51.0870 4444 Psched - ok
13:58:51.0934 4444 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:58:51.0957 4444 ql2300 - ok
13:58:51.0986 4444 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:58:51.0989 4444 ql40xx - ok
13:58:52.0019 4444 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
13:58:52.0024 4444 QWAVE - ok
13:58:52.0049 4444 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:58:52.0050 4444 QWAVEdrv - ok
13:58:52.0065 4444 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:58:52.0067 4444 RasAcd - ok
13:58:52.0095 4444 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:58:52.0097 4444 RasAgileVpn - ok
13:58:52.0117 4444 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
13:58:52.0120 4444 RasAuto - ok
13:58:52.0138 4444 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:58:52.0140 4444 Rasl2tp - ok
13:58:52.0175 4444 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
13:58:52.0181 4444 RasMan - ok
13:58:52.0196 4444 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:58:52.0198 4444 RasPppoe - ok
13:58:52.0209 4444 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:58:52.0211 4444 RasSstp - ok
13:58:52.0233 4444 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:58:52.0238 4444 rdbss - ok
13:58:52.0352 4444 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
13:58:52.0354 4444 rdpbus - ok
13:58:52.0365 4444 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:58:52.0366 4444 RDPCDD - ok
13:58:52.0402 4444 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:58:52.0403 4444 RDPENCDD - ok
13:58:52.0416 4444 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:58:52.0417 4444 RDPREFMP - ok
13:58:52.0554 4444 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:58:52.0558 4444 RDPWD - ok
13:58:52.0582 4444 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:58:52.0585 4444 rdyboost - ok
13:58:52.0614 4444 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:58:52.0618 4444 RemoteRegistry - ok
13:58:52.0727 4444 [ 085d18c71ab2611a3d61528132b6501e ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
13:58:52.0734 4444 RoxioNow Service - ok
13:58:52.0746 4444 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:58:52.0750 4444 RpcEptMapper - ok
13:58:52.0776 4444 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
13:58:52.0778 4444 RpcLocator - ok
13:58:52.0803 4444 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
13:58:52.0807 4444 RpcSs - ok
13:58:52.0853 4444 [ 546d7f426776090b90ef5f195b6ae662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
13:58:52.0855 4444 RSPCIESTOR - ok
13:58:52.0882 4444 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:58:52.0885 4444 rspndr - ok
13:58:52.0992 4444 [ e50cfb92986dcab49de93788fd695813 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:58:53.0000 4444 RTL8167 - ok
13:58:53.0013 4444 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
13:58:53.0015 4444 SamSs - ok
13:58:53.0040 4444 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:58:53.0043 4444 sbp2port - ok
13:58:53.0117 4444 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:58:53.0123 4444 SCardSvr - ok
13:58:53.0140 4444 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:58:53.0142 4444 scfilter - ok
13:58:53.0183 4444 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
13:58:53.0197 4444 Schedule - ok
13:58:53.0230 4444 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
13:58:53.0231 4444 SCPolicySvc - ok
13:58:53.0248 4444 [ 111e0ebc0ad79cb0fa014b907b231cf0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
13:58:53.0251 4444 sdbus - ok
13:58:53.0268 4444 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:58:53.0271 4444 SDRSVC - ok
13:58:53.0352 4444 [ cc781378e7eda615d2cdca3b17829fa4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:58:53.0357 4444 SeaPort - ok
13:58:53.0378 4444 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:58:53.0380 4444 secdrv - ok
13:58:53.0403 4444 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
13:58:53.0405 4444 seclogon - ok
13:58:53.0433 4444 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll
13:58:53.0435 4444 SENS - ok
13:58:53.0642 4444 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:58:53.0645 4444 SensrSvc - ok
13:58:53.0662 4444 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\drivers\serenum.sys
13:58:53.0664 4444 Serenum - ok
13:58:53.0689 4444 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\drivers\serial.sys
13:58:53.0691 4444 Serial - ok
13:58:53.0718 4444 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:58:53.0720 4444 sermouse - ok
13:58:53.0770 4444 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:58:53.0773 4444 SessionEnv - ok
13:58:53.0790 4444 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:58:53.0792 4444 sffdisk - ok
13:58:53.0808 4444 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:58:53.0809 4444 sffp_mmc - ok
13:58:53.0840 4444 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:58:53.0842 4444 sffp_sd - ok
13:58:53.0891 4444 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:58:53.0892 4444 sfloppy - ok
13:58:53.0963 4444 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:58:53.0972 4444 SharedAccess - ok
13:58:54.0133 4444 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:58:54.0141 4444 ShellHWDetection - ok
13:58:54.0178 4444 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:58:54.0180 4444 SiSRaid2 - ok
13:58:54.0193 4444 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:58:54.0196 4444 SiSRaid4 - ok
13:58:54.0366 4444 [ ea396139541706b4b433641d62ea53ce ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:58:54.0369 4444 SkypeUpdate - ok
13:58:54.0408 4444 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:58:54.0411 4444 Smb - ok
13:58:54.0465 4444 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:58:54.0468 4444 SNMPTRAP - ok
13:58:54.0484 4444 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:58:54.0486 4444 spldr - ok
13:58:54.0524 4444 [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:58:54.0533 4444 Spooler - ok
13:58:54.0614 4444 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
13:58:54.0663 4444 sppsvc - ok
13:58:54.0677 4444 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:58:54.0680 4444 sppuinotify - ok
13:58:54.0833 4444 [ 891793e00432fa055cf040605c260e49 ] SRTSP C:\Windows\System32\Drivers\NAVx64\1308000.00E\SRTSP64.SYS
13:58:54.0844 4444 SRTSP - ok
13:58:54.0870 4444 [ 1cb7bb3b0561fb5ecfe37f7731e8bf3e ] SRTSPX C:\Windows\system32\drivers\NAVx64\1308000.00E\SRTSPX64.SYS
13:58:54.0873 4444 SRTSPX - ok
13:58:55.0022 4444 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
13:58:55.0032 4444 srv - ok
13:58:55.0054 4444 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:58:55.0060 4444 srv2 - ok
13:58:55.0098 4444 [ 0c4540311e11664b245a263e1154cef8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:58:55.0102 4444 SrvHsfHDA - ok
13:58:55.0149 4444 [ 02071d207a9858fbe3a48cbfd59c4a04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:58:55.0167 4444 SrvHsfV92 - ok
13:58:55.0224 4444 [ 18e40c245dbfaf36fd0134a7ef2df396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:58:55.0233 4444 SrvHsfWinac - ok
13:58:55.0271 4444 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:58:55.0274 4444 srvnet - ok
13:58:55.0340 4444 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:58:55.0344 4444 SSDPSRV - ok
13:58:55.0372 4444 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:58:55.0375 4444 SstpSvc - ok
13:58:55.0537 4444 [ a6b2ec3a2b6ad7c3f7b2f3495cade4c0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
13:58:55.0543 4444 STacSV - ok
13:58:55.0575 4444 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:58:55.0577 4444 stexstor - ok
13:58:55.0615 4444 [ eba98394a7d58f7552c52192bd8fa7e6 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
13:58:55.0624 4444 STHDA - ok
13:58:55.0680 4444 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
13:58:55.0691 4444 stisvc - ok
13:58:55.0715 4444 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:58:55.0717 4444 swenum - ok
13:58:55.0753 4444 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
13:58:55.0763 4444 swprv - ok
13:58:55.0801 4444 [ 8b2430762099598da40686f754632efd ] SymDS C:\Windows\system32\drivers\NAVx64\1308000.00E\SYMDS64.SYS
13:58:55.0809 4444 SymDS - ok
13:58:55.0869 4444 [ 5cb7f2fd7e30a0f52f93574bfc3a8041 ] SymEFA C:\Windows\system32\drivers\NAVx64\1308000.00E\SYMEFA64.SYS
13:58:55.0883 4444 SymEFA - ok
13:58:55.0933 4444 [ 894579207e39c465737e850a252ce4f2 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:58:55.0936 4444 SymEvent - ok
13:58:55.0978 4444 [ 5013a76caaa1d7cf1c55214b490b4e35 ] SymIRON C:\Windows\system32\drivers\NAVx64\1308000.00E\Ironx64.SYS
13:58:55.0982 4444 SymIRON - ok
13:58:56.0194 4444 [ 3911bd0e68c010e5438a87706abbe9ab ] SymNetS C:\Windows\System32\Drivers\NAVx64\1308000.00E\SYMNETS.SYS
13:58:56.0202 4444 SymNetS - ok
13:58:56.0281 4444 [ c447977ed2a4ae9346fe3a0579a34d7c ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:58:56.0302 4444 SynTP - ok
13:58:56.0375 4444 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
13:58:56.0402 4444 SysMain - ok
13:58:56.0416 4444 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:58:56.0419 4444 TabletInputService - ok
13:58:56.0436 4444 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:58:56.0442 4444 TapiSrv - ok
13:58:56.0457 4444 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
13:58:56.0460 4444 TBS - ok
13:58:56.0550 4444 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:58:56.0571 4444 Tcpip - ok
13:58:56.0602 4444 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:58:56.0613 4444 TCPIP6 - ok
13:58:56.0642 4444 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:58:56.0644 4444 tcpipreg - ok
13:58:56.0667 4444 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:58:56.0668 4444 TDPIPE - ok
13:58:56.0692 4444 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:58:56.0693 4444 TDTCP - ok
13:58:56.0747 4444 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:58:56.0750 4444 tdx - ok
13:58:56.0775 4444 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:58:56.0779 4444 TermDD - ok
13:58:56.0832 4444 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
13:58:56.0842 4444 TermService - ok
13:58:56.0858 4444 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
13:58:56.0861 4444 Themes - ok
13:58:56.0895 4444 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
13:58:56.0896 4444 THREADORDER - ok
13:58:56.0933 4444 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
13:58:56.0936 4444 TrkWks - ok
13:58:57.0023 4444 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:58:57.0027 4444 TrustedInstaller - ok
13:58:57.0048 4444 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:58:57.0049 4444 tssecsrv - ok
13:58:57.0079 4444 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:58:57.0081 4444 TsUsbFlt - ok
13:58:57.0182 4444 [ 9cc2ccae8a84820eaecb886d477cbcb8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:58:57.0185 4444 TsUsbGD - ok
13:58:57.0225 4444 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:58:57.0228 4444 tunnel - ok
13:58:57.0265 4444 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:58:57.0268 4444 uagp35 - ok
13:58:57.0297 4444 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:58:57.0303 4444 udfs - ok
13:58:57.0343 4444 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:58:57.0346 4444 UI0Detect - ok
13:58:57.0404 4444 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:58:57.0406 4444 uliagpkx - ok
13:58:57.0438 4444 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:58:57.0440 4444 umbus - ok
13:58:57.0456 4444 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\drivers\umpass.sys
13:58:57.0458 4444 UmPass - ok
13:58:57.0607 4444 [ 0b0b9f55b12767a755932c26b5fed715 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:58:57.0636 4444 UNS - ok
13:58:57.0662 4444 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
13:58:57.0667 4444 upnphost - ok
13:58:57.0694 4444 [ aa33fc47ed58c34e6e9261e4f850b7eb ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:58:57.0696 4444 USBAAPL64 - ok
13:58:57.0761 4444 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:58:57.0764 4444 usbccgp - ok
13:58:57.0785 4444 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:58:57.0787 4444 usbcir - ok
13:58:57.0816 4444 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:58:57.0818 4444 usbehci - ok
13:58:57.0836 4444 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:58:57.0841 4444 usbhub - ok
13:58:57.0855 4444 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:58:57.0856 4444 usbohci - ok
13:58:57.0896 4444 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:58:57.0898 4444 usbprint - ok
13:58:57.0936 4444 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:58:57.0937 4444 usbscan - ok
13:58:57.0962 4444 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:58:57.0964 4444 USBSTOR - ok
13:58:57.0981 4444 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:58:57.0983 4444 usbuhci - ok
13:58:58.0027 4444 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:58:58.0030 4444 usbvideo - ok
13:58:58.0155 4444 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
13:58:58.0158 4444 UxSms - ok
13:58:58.0172 4444 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
13:58:58.0174 4444 VaultSvc - ok
13:58:58.0221 4444 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:58:58.0223 4444 vdrvroot - ok
13:58:58.0250 4444 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
13:58:58.0259 4444 vds - ok
13:58:58.0393 4444 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:58:58.0395 4444 vga - ok
13:58:58.0410 4444 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
13:58:58.0413 4444 VgaSave - ok
13:58:58.0439 4444 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:58:58.0442 4444 vhdmp - ok
13:58:58.0468 4444 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:58:58.0470 4444 viaide - ok
13:58:58.0495 4444 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:58:58.0497 4444 volmgr - ok
13:58:58.0520 4444 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:58:58.0525 4444 volmgrx - ok
13:58:58.0557 4444 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:58:58.0561 4444 volsnap - ok
13:58:58.0607 4444 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:58:58.0610 4444 vsmraid - ok
13:58:58.0667 4444 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
13:58:58.0688 4444 VSS - ok
13:58:58.0716 4444 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:58:58.0718 4444 vwifibus - ok
13:58:58.0745 4444 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:58:58.0746 4444 vwififlt - ok
13:58:58.0787 4444 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
13:58:58.0793 4444 W32Time - ok
13:58:58.0810 4444 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:58:58.0812 4444 WacomPen - ok
13:58:58.0846 4444 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:58:58.0849 4444 WANARP - ok
13:58:58.0865 4444 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:58:58.0865 4444 Wanarpv6 - ok
13:58:59.0031 4444 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:58:59.0045 4444 WatAdminSvc - ok
13:58:59.0098 4444 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe
13:58:59.0114 4444 wbengine - ok
13:58:59.0137 4444 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:58:59.0141 4444 WbioSrvc - ok
13:58:59.0164 4444 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:58:59.0170 4444 wcncsvc - ok
13:58:59.0294 4444 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:58:59.0300 4444 WcsPlugInService - ok
13:58:59.0322 4444 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\drivers\wd.sys
13:58:59.0325 4444 Wd - ok
13:58:59.0364 4444 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:58:59.0372 4444 Wdf01000 - ok
13:58:59.0384 4444 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:58:59.0387 4444 WdiServiceHost - ok
13:58:59.0391 4444 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:58:59.0394 4444 WdiSystemHost - ok
13:58:59.0429 4444 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:58:59.0435 4444 WebClient - ok
13:58:59.0455 4444 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:58:59.0459 4444 Wecsvc - ok
13:58:59.0475 4444 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:58:59.0476 4444 wercplsupport - ok
13:58:59.0533 4444 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:58:59.0536 4444 WerSvc - ok
13:58:59.0621 4444 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:58:59.0623 4444 WfpLwf - ok
13:58:59.0652 4444 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:58:59.0653 4444 WIMMount - ok
13:58:59.0674 4444 WinDefend - ok
13:58:59.0680 4444 WinHttpAutoProxySvc - ok
13:58:59.0745 4444 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:58:59.0748 4444 Winmgmt - ok
13:58:59.0901 4444 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll
13:58:59.0928 4444 WinRM - ok
13:59:01.0142 4444 ================ Scan global ===============================
13:59:01.0172 4444 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
13:59:01.0210 4444 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
13:59:01.0218 4444 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
13:59:01.0249 4444 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
13:59:01.0277 4444 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
13:59:01.0282 4444 [Global] - ok
13:59:01.0282 4444 ================ Scan MBR ==================================
13:59:01.0293 4444 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:59:01.0500 4444 \Device\Harddisk0\DR0 - ok
13:59:01.0501 4444 ================ Scan VBR ==================================
13:59:01.0506 4444 Boot (0x1200) (4964af15fc067bd41b89e4a0b4142ef0) \Device\Harddisk0\DR0\Partition1
13:59:01.0508 4444 \Device\Harddisk0\DR0\Partition1 - ok
13:59:01.0518 4444 Boot (0x1200) (44e58410775bbf626dacd1aec969f61f) \Device\Harddisk0\DR0\Partition2
13:59:01.0520 4444 \Device\Harddisk0\DR0\Partition2 - ok
13:59:01.0543 4444 Boot (0x1200) (b9baa6f3fa08eb2b5348328e5d803284) \Device\Harddisk0\DR0\Partition3
13:59:01.0545 4444 \Device\Harddisk0\DR0\Partition3 - ok
13:59:01.0566 4444 Boot (0x1200) (26dce66783a568a4e6dd7dc50e1fd807) \Device\Harddisk0\DR0\Partition4
13:59:01.0567 4444 \Device\Harddisk0\DR0\Partition4 - ok
13:59:01.0568 4444 ============================================================
13:59:01.0568 4444 Scan finished
13:59:01.0568 4444 ============================================================
13:59:01.0583 7068 Detected object count: 0
13:59:01.0583 7068 Actual detected object count: 0

#4 haser77


Posted 17 August 2012 - 01:44 PM

aswMBR Results

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-17 14:07:34
-----------------------------
14:07:34.855 OS Version: Windows x64 6.1.7601 Service Pack 1
14:07:34.855 Number of processors: 4 586 0x2505
14:07:34.856 ComputerName: JADESANYA-HP UserName: jadesanya
14:07:37.440 Initialize success
14:08:22.408 AVAST engine defs: 12081700
14:08:40.032 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:08:40.035 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 476940MB BusType: 3
14:08:40.049 Disk 0 MBR read successfully
14:08:40.053 Disk 0 MBR scan
14:08:40.060 Disk 0 Windows 7 default MBR code
14:08:40.070 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
14:08:40.085 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 461589 MB offset 409600
14:08:40.121 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15047 MB offset 945743872
14:08:40.144 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
14:08:40.195 Disk 0 scanning C:\Windows\system32\drivers
14:08:50.871 Service scanning
14:09:16.908 Modules scanning
14:09:16.925 Disk 0 trace - called modules:
14:09:16.997 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:09:17.007 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800526f060]
14:09:17.018 3 CLASSPNP.SYS[fffff88001fc043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004ff7050]
14:09:20.289 AVAST engine scan C:\Windows
14:09:23.906 AVAST engine scan C:\Windows\system32
14:12:46.030 AVAST engine scan C:\Windows\system32\drivers
14:13:21.936 AVAST engine scan C:\Users\jadesanya
14:36:10.337 AVAST engine scan C:\ProgramData
14:37:51.698 Scan finished successfully
14:42:29.664 Disk 0 MBR has been saved successfully to "C:\Users\jadesanya\Documents\MBR.dat"
14:42:29.669 The log file has been saved successfully to "C:\Users\jadesanya\Documents\aswMBR.txt"

#5 haser77


Posted 17 August 2012 - 06:17 PM

ESET

C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\MyBabylonTB.exe a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\jadesanya\AppData\Local\Temp\0.8297281073725994 a variant of Win32/Kryptik.AIZP trojan cleaned by deleting - quarantined
C:\Users\jadesanya\AppData\Local\Temp\NODBB0.tmp a variant of Win32/Toolbar.Babylon application cleaned by deleting (after the next restart) - quarantined
C:\Users\jadesanya\AppData\Local\Temp\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\Users\jadesanya\AppData\Local\Temp\YontooSetup-Silent.exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Users\jadesanya\AppData\Local\Temp\YontooLayers\background.html Win32/Adware.Yontoo.C application cleaned by deleting - quarantined
C:\Users\jadesanya\AppData\Roaming\Mozilla\Firefox\Profiles\z063ukod.default\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Users\jadesanya\Downloads\movie_player_1280.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined

#6 narenxp


Posted 17 August 2012 - 06:21 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#7 haser77


Posted 21 August 2012 - 02:33 PM

Mini Toolbox results

MiniToolBox by Farbar Version: 23-07-2012
Ran by jadesanya (administrator) on 21-08-2012 at 15:32:03
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : jadesanya-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : bgm.bu.int
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-E3-B5-57-5E-A7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : CC-AF-78-66-AA-07
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b:b149:f83f:1926%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 20, 2012 11:10:19 AM
Lease Expires . . . . . . . . . . : Wednesday, August 22, 2012 3:28:21 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 248295288
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-CA-17-D0-CC-AF-78-66-AA-07
DNS Servers . . . . . . . . . . . : 192.168.1.1
68.237.161.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:10c7:1108:3f57:fef8(Preferred)
Link-local IPv6 Address . . . . . : fe80::10c7:1108:3f57:fef8%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.bgm.bu.int:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1000
173.194.43.39
173.194.43.41
173.194.43.35
173.194.43.38
173.194.43.46
173.194.43.37
173.194.43.34
173.194.43.33
173.194.43.32
173.194.43.40
173.194.43.36


Pinging google.com [173.194.43.41] with 32 bytes of data:
Reply from 173.194.43.41: bytes=32 time=13ms TTL=252
Reply from 173.194.43.41: bytes=32 time=12ms TTL=252

Ping statistics for 173.194.43.41:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 13ms, Average = 12ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=64ms TTL=50
Reply from 98.139.183.24: bytes=32 time=74ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 74ms, Average = 69ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...78 e3 b5 57 5e a7 ......Realtek PCIe FE Family Controller
11...cc af 78 66 aa 07 ......Ralink RT5390 802.11b/g/n WiFi Adapter
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.7 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.7 281
192.168.1.7 255.255.255.255 On-link 192.168.1.7 281
192.168.1.255 255.255.255.255 On-link 192.168.1.7 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.7 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.7 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:10c7:1108:3f57:fef8/128
On-link
11 281 fe80::/64 On-link
14 306 fe80::/64 On-link
11 281 fe80::b:b149:f83f:1926/128
On-link
14 306 fe80::10c7:1108:3f57:fef8/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/20/2012 07:12:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2059

Error: (08/20/2012 07:12:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2059

Error: (08/20/2012 07:12:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/20/2012 07:12:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1061

Error: (08/20/2012 07:12:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1061

Error: (08/20/2012 07:12:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/20/2012 04:03:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4181

Error: (08/20/2012 04:03:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4181

Error: (08/20/2012 04:03:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/20/2012 04:03:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3167


System errors:
=============
Error: (08/19/2012 01:11:26 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/17/2012 07:12:35 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (08/17/2012 05:00:57 PM) (Source: DCOM) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (08/16/2012 08:53:21 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NAV service.

Error: (08/15/2012 06:03:51 PM) (Source: DCOM) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (08/13/2012 00:28:05 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/10/2012 01:19:56 PM) (Source: DCOM) (User: )
Description: {216DA6DC-BFD5-4724-817A-05A759C8F9A2}

Error: (08/09/2012 06:12:13 PM) (Source: DCOM) (User: )
Description: {C332C124-340D-4430-AA0D-C75602876FCC}

Error: (08/08/2012 06:58:15 PM) (Source: DCOM) (User: )
Description: {C332C124-340D-4430-AA0D-C75602876FCC}

Error: (08/08/2012 11:25:37 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{7B869D6C-356A-4F6F-9D10-FA79D3BAE20F} because another computer on the network has the same name. The server could not start.


Microsoft Office Sessions:
=========================
Error: (08/20/2012 07:12:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2059

Error: (08/20/2012 07:12:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2059

Error: (08/20/2012 07:12:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/20/2012 07:12:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1061

Error: (08/20/2012 07:12:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1061

Error: (08/20/2012 07:12:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/20/2012 04:03:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4181

Error: (08/20/2012 04:03:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4181

Error: (08/20/2012 04:03:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/20/2012 04:03:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3167


=========================== Installed Programs ============================

4shared Toolbar
4Sync
Adobe Flash Player 10 ActiveX (Version: 10.3.183.7)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Reader X (10.1.0) MUI (Version: 10.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.4.0)
Ask Toolbar Updater (Version: 1.2.2.23821)
Babylon
Babylon toolbar on IE
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bejeweled 3 (Version: 2.2.0.95)
Bing Bar (Version: 7.0.610.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.6699)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Coupon Printer for Windows (Version: 5.0.0.1)
CyberLink YouCam (Version: 3.5.1.4305)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Evernote v. 4.2.2 (Version: 4.2.2.3979)
Farm Frenzy (Version: 2.2.0.95)
Fast Search (Version: 3.3.5)
FATE - The Traitor Soul (Version: 2.2.0.95)
FLV Runner Toolbar (Version: 6.9.0.16)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.115)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (Version: 4.1.22.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.2.0.0)
HP Games (Version: 1.0.2.4)
HP MovieStore (Version: 1.0.047)
HP MovieStore (Version: 2.0)
HP On Screen Display (Version: 1.2.2)
HP Power Manager (Version: 1.4.4)
HP Quick Launch (Version: 2.4.4)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13253.3682)
HP Software Framework (Version: 4.1.13.1)
HP Support Assistant (Version: 6.1.12.1)
IDT Audio (Version: 1.0.6341.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Processor Graphics (Version: 8.15.10.2372)
Intel® Rapid Storage Technology (Version: 10.5.0.1026)
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Security Scan Plus (Version: 2.0.181.2)
MeFeedia (Version: 1.0.0.1)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Norton AntiVirus (Version: 19.8.0.14)
PC Optimizer Pro (Version: 6.1.7.4)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Ralink RT5390 802.11b/g/n WiFi Adapter (Version: 3.02.02.0)
Realtek Ethernet Controller Driver (Version: 7.45.516.2011)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
Recovery Manager (Version: 2.0.0)
RoxioNow Player (Version: 1.9.5.103)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.10 (Version: 5.10.116)
Slingo Supreme (Version: 2.2.0.95)
Spotify (Version: 0.6.4)
Synaptics TouchPad Driver (Version: 15.3.11.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Detect
Yahoo! Software Update
Yahoo! Toolbar
Yontoo 1.10.02 (Version: 1.10.02)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 3893.86 MB
Available physical RAM: 1323.44 MB
Total Pagefile: 7785.91 MB
Available Pagefile: 5107.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.75 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:450.77 GB) (Free:403.8 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.69 GB) (Free:1.63 GB) NTFS
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

========================= Users: ========================================

User accounts for \\JADESANYA-HP

Administrator Guest jadesanya


**** End of log ****

#8 haser77

Posted 21 August 2012 - 02:36 PM

FSS Log

Farbar Service Scanner Version: 06-08-2012
Ran by jadesanya (administrator) on 21-08-2012 at 15:35:45
Running from "C:\Users\jadesanya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QFQPC7D"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 haser77

Posted 21 August 2012 - 02:42 PM

Adware Cleaner Log

# AdwCleaner v1.801 - Logfile created 08/21/2012 at 15:38:14
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : jadesanya - JADESANYA-HP
# Boot Mode : Normal
# Running from : C:\Users\jadesanya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICCVIKFT\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\jadesanya\AppData\Local\Babylon
Folder Deleted : C:\Users\jadesanya\AppData\Local\Conduit
Folder Deleted : C:\Users\jadesanya\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\jadesanya\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\jadesanya\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\jadesanya\AppData\LocalLow\FLV_Runner
Folder Deleted : C:\Users\jadesanya\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\jadesanya\AppData\Roaming\Babylon
Folder Deleted : C:\Users\jadesanya\AppData\Roaming\Mozilla\Firefox\Profiles\z063ukod.default\extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\jadesanya\AppData\Roaming\Mozilla\Firefox\Profiles\z063ukod.default\extensions\plugin@yontoo.com
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Tarma Installer
Deleted on reboot : C:\Program Files\Babylon
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Babylon
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\FLV_Runner
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\adapter@babylontc.com
Folder Deleted : C:\Program Files (x86)\Surf Canyon
Folder Deleted : C:\Program Files (x86)\Yontoo Layers Runtime
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3201318
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Babylon
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Surf Canyon
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\BabyDict
Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.ShowSettings
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.ShowSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\FLV_Runner
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
[x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3201318 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\jadesanya\AppData\Roaming\Mozilla\Firefox\Profiles\z063ukod.default\prefs.js

C:\Users\jadesanya\AppData\Roaming\Mozilla\Firefox\Profiles\z063ukod.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename,S", "S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S,S[...]
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "orgnl");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 20);
Deleted : user_pref("extensions.BabylonToolbar.cntry", "US");
Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "724C4AC4FF6BD7F3176466477EEF23D0");
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "75db7b3d89af452a9252b401437778de");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15402");
Deleted : user_pref("extensions.BabylonToolbar.lastActv", "3");
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 20);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "");
Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "14.0");
Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 84035451);
Deleted : user_pref("extensions.BabylonToolbar.sid", "75db7b3d89af452a9252b401437778de");
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "free");
Deleted : user_pref("extensions.aniweather.timeShifted", 1551296);
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Deleted : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.2.0,{4176DFF4-4698-11DE-BEEB-45DA55D895[...]
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000031&loca[...]
Deleted : user_pref("keyword.URL,h", "hxxp://search.babylon.com/?babsrc=KW_def&AF=17014&q=");

*************************

AdwCleaner[S1].txt - [21213 octets] - [21/08/2012 15:38:14]

########## EOF - C:\AdwCleaner[S1].txt - [21342 octets] ##########

#10 narenxp

Posted 21 August 2012 - 02:47 PM

Malwarebytes log?

Any current issues?

#11 haser77

Posted 22 August 2012 - 12:27 PM

When I did a full scan I did as you said and clicked on show results and removed the threats. For the second scan I did a quick scan and no threats occurred. I will give you the log for the full scan and quick scan.


Malwarebytes full scan log:


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.19.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jadesanya :: JADESANYA-HP [administrator]

8/18/2012 11:32:01 PM
mbam-log-2012-08-18 (23-32-01).txt

Scan type: Full scan (C:\|D:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 371084
Time elapsed: 49 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Hewlett-Packard_Developme (Trojan.RedirRdll3.Gen) -> Data: rundll32.exe "C:\Users\jadesanya\AppData\Local\Microsoft\Hewlett-Packard_Developme\gzkkahzz.dll",CreateInstance -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Malwarebytes quick scan log:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8377

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

12/15/2011 3:24:35 PM
mbam-log-2011-12-15 (15-24-35).txt

Scan type: Quick scan
Objects scanned: 176267
Time elapsed: 5 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#12 narenxp

Posted 22 August 2012 - 12:44 PM

Any current issues?

#13 haser77

Posted 23 August 2012 - 02:28 PM

So far everything is good.

#14 narenxp

Posted 23 August 2012 - 02:55 PM

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#15 haser77

Posted 27 August 2012 - 09:02 AM

When I try to create a new restore point, the website says that once I reach System Protection I should click on the drive and then Configure. I don't have a drive under Available Drives in System Protection.



