Help removing bts.scour.com


15 replies to this topic

#1 senare


Posted 06 September 2012 - 08:51 PM

Being redirected to bts.scour.com for the last couple of days. I've not done anything other than make sure that Malwarebytes is updated and I've loaded Web of Trust on Opera (I use that browser to surf for the most part). What do I need to do next?



#2 narenxp


Posted 06 September 2012 - 08:53 PM

Download TDSSkiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 senare


Posted 07 September 2012 - 11:49 AM

TDSSkiller Log

11:47:28.0078 11484 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
11:47:28.0078 11484 Null - ok
11:47:28.0125 11484 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:47:28.0125 11484 nvraid - ok
11:47:28.0156 11484 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:47:28.0156 11484 nvstor - ok
11:47:28.0187 11484 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:47:28.0203 11484 nv_agp - ok
11:47:28.0203 11484 NwlnkFlt - ok
11:47:28.0219 11484 NwlnkFwd - ok
11:47:28.0250 11484 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:47:28.0250 11484 ohci1394 - ok
11:47:28.0297 11484 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
11:47:28.0328 11484 p2pimsvc - ok
11:47:28.0343 11484 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
11:47:28.0343 11484 p2psvc - ok
11:47:28.0375 11484 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
11:47:28.0390 11484 Parport - ok
11:47:28.0421 11484 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:47:28.0640 11484 partmgr - ok
11:47:28.0671 11484 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
11:47:28.0687 11484 Parvdm - ok
11:47:28.0718 11484 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
11:47:28.0733 11484 PcaSvc - ok
11:47:28.0749 11484 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
11:47:28.0765 11484 pci - ok
11:47:28.0796 11484 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
11:47:28.0796 11484 pciide - ok
11:47:28.0843 11484 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:47:28.0858 11484 pcmcia - ok
11:47:28.0936 11484 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:47:29.0061 11484 PEAUTH - ok
11:47:29.0139 11484 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
11:47:29.0201 11484 pla - ok
11:47:29.0233 11484 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:47:29.0248 11484 PlugPlay - ok
11:47:29.0279 11484 [ 3DE33BCE4A930EDF57BD1F742823BCD8 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
11:47:29.0342 11484 pnarp - ok
11:47:29.0373 11484 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
11:47:29.0389 11484 PNRPAutoReg - ok
11:47:29.0389 11484 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
11:47:29.0404 11484 PNRPsvc - ok
11:47:29.0435 11484 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:47:29.0435 11484 PolicyAgent - ok
11:47:29.0482 11484 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:47:29.0482 11484 PptpMiniport - ok
11:47:29.0513 11484 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
11:47:29.0513 11484 Processor - ok
11:47:29.0545 11484 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
11:47:29.0560 11484 ProfSvc - ok
11:47:29.0576 11484 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
11:47:29.0591 11484 ProtectedStorage - ok
11:47:29.0607 11484 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
11:47:29.0623 11484 PSched - ok
11:47:29.0654 11484 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
11:47:29.0841 11484 PSI - ok
11:47:29.0903 11484 [ BC37A428BD4B3B8F0AD2FD2DF0822851 ] PTDUBus C:\Windows\system32\DRIVERS\PTDUBus.sys
11:47:30.0106 11484 PTDUBus - ok
11:47:30.0215 11484 [ 0BC211B0320F17851E8C24ACE775EA44 ] PTDUMdm C:\Windows\system32\DRIVERS\PTDUMdm.sys
11:47:30.0403 11484 PTDUMdm - ok
11:47:30.0449 11484 [ 3EA007FFC7A6B9C9F56324FB16584904 ] PTDUVsp C:\Windows\system32\DRIVERS\PTDUVsp.sys
11:47:30.0621 11484 PTDUVsp - ok
11:47:30.0730 11484 [ A49E0D84D6744746F3053980F73F897A ] PTDUWWAN C:\Windows\system32\DRIVERS\PTDUWWAN.sys
11:47:30.0902 11484 PTDUWWAN - ok
11:47:31.0042 11484 [ 53EFA6066E7FFAA1AD91C7FB40FFD2EC ] purendis C:\Windows\system32\DRIVERS\purendis.sys
11:47:31.0151 11484 purendis - ok
11:47:31.0198 11484 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
11:47:31.0401 11484 PxHelp20 - ok
11:47:31.0557 11484 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:47:31.0588 11484 ql2300 - ok
11:47:31.0619 11484 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:47:31.0635 11484 ql40xx - ok
11:47:31.0682 11484 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
11:47:31.0697 11484 QWAVE - ok
11:47:31.0729 11484 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:47:31.0729 11484 QWAVEdrv - ok
11:47:31.0838 11484 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
11:47:31.0885 11484 R300 - ok
11:47:31.0900 11484 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:47:31.0900 11484 RasAcd - ok
11:47:31.0931 11484 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
11:47:31.0947 11484 RasAuto - ok
11:47:31.0963 11484 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:47:31.0978 11484 Rasl2tp - ok
11:47:31.0994 11484 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
11:47:32.0009 11484 RasMan - ok
11:47:32.0025 11484 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:47:32.0041 11484 RasPppoe - ok
11:47:32.0041 11484 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:47:32.0056 11484 RasSstp - ok
11:47:32.0072 11484 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:47:32.0087 11484 rdbss - ok
11:47:32.0134 11484 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:47:32.0134 11484 RDPCDD - ok
11:47:32.0165 11484 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
11:47:32.0181 11484 rdpdr - ok
11:47:32.0197 11484 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:47:32.0197 11484 RDPENCDD - ok
11:47:32.0259 11484 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:47:32.0571 11484 RDPWD - ok
11:47:32.0633 11484 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:47:32.0633 11484 RemoteAccess - ok
11:47:32.0696 11484 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:47:32.0711 11484 RemoteRegistry - ok
11:47:32.0727 11484 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
11:47:32.0743 11484 RpcLocator - ok
11:47:32.0789 11484 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
11:47:32.0789 11484 RpcSs - ok
11:47:32.0836 11484 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:47:32.0836 11484 rspndr - ok
11:47:32.0867 11484 [ D97D8259293B7A82CB891F37F997DF3F ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
11:47:33.0008 11484 RTSTOR - ok
11:47:33.0023 11484 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
11:47:33.0023 11484 SamSs - ok
11:47:33.0039 11484 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:47:33.0055 11484 sbp2port - ok
11:47:33.0086 11484 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:47:33.0086 11484 SCardSvr - ok
11:47:33.0148 11484 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
11:47:33.0211 11484 Schedule - ok
11:47:33.0226 11484 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:47:33.0226 11484 SCPolicySvc - ok
11:47:33.0257 11484 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:47:33.0257 11484 SDRSVC - ok
11:47:33.0289 11484 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:47:33.0289 11484 secdrv - ok
11:47:33.0304 11484 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
11:47:33.0320 11484 seclogon - ok
11:47:33.0398 11484 [ 2D0599DD0124764FC939C59985C860DE ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
11:47:33.0538 11484 Secunia PSI Agent - ok
11:47:33.0632 11484 [ 20B9E1ADBC58958B480933E4DA005DFB ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
11:47:33.0772 11484 Secunia Update Agent - ok
11:47:33.0819 11484 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
11:47:33.0819 11484 SENS - ok
11:47:33.0835 11484 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:47:33.0850 11484 Serenum - ok
11:47:33.0866 11484 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
11:47:33.0881 11484 Serial - ok
11:47:33.0881 11484 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:47:33.0881 11484 sermouse - ok
11:47:33.0913 11484 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
11:47:33.0928 11484 SessionEnv - ok
11:47:33.0928 11484 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:47:33.0944 11484 sffdisk - ok
11:47:33.0959 11484 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:47:33.0959 11484 sffp_mmc - ok
11:47:33.0975 11484 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:47:33.0975 11484 sffp_sd - ok
11:47:33.0991 11484 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:47:33.0991 11484 sfloppy - ok
11:47:34.0069 11484 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:47:34.0147 11484 ShellHWDetection - ok
11:47:34.0162 11484 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:47:34.0162 11484 sisagp - ok
11:47:34.0193 11484 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
11:47:34.0209 11484 SiSRaid2 - ok
11:47:34.0240 11484 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:47:34.0240 11484 SiSRaid4 - ok
11:47:34.0381 11484 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
11:47:34.0490 11484 slsvc - ok
11:47:34.0552 11484 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
11:47:34.0568 11484 SLUINotify - ok
11:47:34.0599 11484 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:47:34.0599 11484 Smb - ok
11:47:34.0646 11484 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:47:34.0646 11484 SNMPTRAP - ok
11:47:34.0771 11484 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
11:47:34.0786 11484 spldr - ok
11:47:34.0817 11484 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
11:47:34.0911 11484 Spooler - ok
11:47:34.0958 11484 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:47:35.0207 11484 srv - ok
11:47:35.0254 11484 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:47:35.0379 11484 srv2 - ok
11:47:35.0457 11484 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:47:35.0582 11484 srvnet - ok
11:47:35.0660 11484 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:47:35.0675 11484 SSDPSRV - ok
11:47:35.0691 11484 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:47:35.0707 11484 SstpSvc - ok
11:47:35.0816 11484 [ BF8B7E3C4AF6E29025519A70469061A6 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\STacSV.exe
11:47:35.0941 11484 STacSV - ok
11:47:36.0112 11484 [ 02B3EF45094F090E397EEA46CBED7B9E ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
11:47:36.0299 11484 STHDA - ok
11:47:36.0362 11484 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
11:47:36.0377 11484 stisvc - ok
11:47:36.0409 11484 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:47:36.0424 11484 swenum - ok
11:47:36.0533 11484 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:47:36.0674 11484 SwitchBoard - ok
11:47:36.0767 11484 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
11:47:36.0783 11484 swprv - ok
11:47:36.0814 11484 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
11:47:36.0830 11484 Symc8xx - ok
11:47:36.0845 11484 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
11:47:36.0845 11484 Sym_hi - ok
11:47:36.0861 11484 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
11:47:36.0861 11484 Sym_u3 - ok
11:47:36.0908 11484 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
11:47:36.0923 11484 SysMain - ok
11:47:36.0970 11484 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:47:36.0986 11484 TabletInputService - ok
11:47:37.0001 11484 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:47:37.0017 11484 TapiSrv - ok
11:47:37.0048 11484 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
11:47:37.0064 11484 TBS - ok
11:47:37.0142 11484 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:47:37.0235 11484 Tcpip - ok
11:47:37.0267 11484 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
11:47:37.0267 11484 Tcpip6 - ok
11:47:37.0376 11484 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:47:37.0376 11484 tcpipreg - ok
11:47:37.0516 11484 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:47:37.0516 11484 TDPIPE - ok
11:47:37.0532 11484 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:47:37.0532 11484 TDTCP - ok
11:47:37.0610 11484 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:47:37.0610 11484 tdx - ok
11:47:37.0625 11484 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:47:37.0641 11484 TermDD - ok
11:47:37.0657 11484 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
11:47:37.0688 11484 TermService - ok
11:47:37.0703 11484 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
11:47:37.0703 11484 Themes - ok
11:47:37.0719 11484 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
11:47:37.0719 11484 THREADORDER - ok
11:47:37.0766 11484 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
11:47:37.0766 11484 TrkWks - ok
11:47:37.0828 11484 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:47:37.0828 11484 TrustedInstaller - ok
11:47:37.0859 11484 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:47:37.0875 11484 tssecsrv - ok
11:47:37.0906 11484 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
11:47:37.0906 11484 tunmp - ok
11:47:37.0922 11484 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:47:37.0937 11484 tunnel - ok
11:47:37.0937 11484 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:47:37.0953 11484 uagp35 - ok
11:47:37.0984 11484 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:47:38.0000 11484 udfs - ok
11:47:38.0062 11484 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:47:38.0078 11484 UI0Detect - ok
11:47:38.0109 11484 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:47:38.0109 11484 uliagpkx - ok
11:47:38.0140 11484 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
11:47:38.0156 11484 uliahci - ok
11:47:38.0187 11484 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
11:47:38.0203 11484 UlSata - ok
11:47:38.0234 11484 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
11:47:38.0249 11484 ulsata2 - ok
11:47:38.0281 11484 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:47:38.0281 11484 umbus - ok
11:47:38.0312 11484 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
11:47:38.0327 11484 upnphost - ok
11:47:38.0359 11484 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:47:38.0374 11484 usbccgp - ok
11:47:38.0374 11484 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:47:38.0390 11484 usbcir - ok
11:47:38.0468 11484 [ 3D045EAA73414BE8F877F292A84ABBA2 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:47:38.0686 11484 usbehci - ok
11:47:38.0733 11484 [ 1AE77A4C4E4F526EF9759C31A123F2B0 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:47:38.0905 11484 usbhub - ok
11:47:39.0014 11484 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:47:39.0029 11484 usbohci - ok
11:47:39.0045 11484 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:47:39.0061 11484 usbprint - ok
11:47:39.0076 11484 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:47:39.0092 11484 USBSTOR - ok
11:47:39.0123 11484 [ F69C1AAD04F28415F3FBE99FBE56030B ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:47:39.0248 11484 usbuhci - ok
11:47:39.0388 11484 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
11:47:39.0404 11484 UxSms - ok
11:47:39.0419 11484 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
11:47:39.0435 11484 vds - ok
11:47:39.0466 11484 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:47:39.0466 11484 vga - ok
11:47:39.0544 11484 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
11:47:39.0544 11484 VgaSave - ok
11:47:39.0716 11484 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:47:39.0731 11484 viaagp - ok
11:47:39.0809 11484 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
11:47:39.0809 11484 ViaC7 - ok
11:47:39.0841 11484 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
11:47:39.0856 11484 viaide - ok
11:47:40.0371 11484 [ 00A204BE7084B214605DB4D433C9A7E2 ] Viewpoint Service C:\Program Files\Viewpoint\Common\ViewpointService.exe
11:47:40.0480 11484 Viewpoint Service - ok
11:47:40.0543 11484 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:47:40.0543 11484 volmgr - ok
11:47:40.0589 11484 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:47:40.0605 11484 volmgrx - ok
11:47:40.0621 11484 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:47:40.0636 11484 volsnap - ok
11:47:40.0667 11484 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:47:40.0683 11484 vsmraid - ok
11:47:40.0777 11484 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
11:47:40.0808 11484 VSS - ok
11:47:40.0886 11484 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
11:47:40.0901 11484 W32Time - ok
11:47:40.0933 11484 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:47:40.0933 11484 WacomPen - ok
11:47:40.0964 11484 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
11:47:40.0964 11484 Wanarp - ok
11:47:40.0979 11484 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:47:40.0979 11484 Wanarpv6 - ok
11:47:40.0995 11484 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:47:41.0011 11484 wcncsvc - ok
11:47:41.0073 11484 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:47:41.0089 11484 WcsPlugInService - ok
11:47:41.0104 11484 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
11:47:41.0104 11484 Wd - ok
11:47:41.0167 11484 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:47:41.0182 11484 Wdf01000 - ok
11:47:41.0213 11484 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:47:41.0213 11484 WdiServiceHost - ok
11:47:41.0245 11484 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:47:41.0245 11484 WdiSystemHost - ok
11:47:41.0276 11484 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
11:47:41.0291 11484 WebClient - ok
11:47:41.0338 11484 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:47:41.0432 11484 Wecsvc - ok
11:47:41.0463 11484 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:47:41.0479 11484 wercplsupport - ok
11:47:41.0557 11484 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
11:47:41.0572 11484 WerSvc - ok
11:47:41.0588 11484 WinHttpAutoProxySvc - ok
11:47:41.0635 11484 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:47:41.0650 11484 Winmgmt - ok
11:47:41.0728 11484 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
11:47:41.0869 11484 WinRM - ok
11:47:41.0962 11484 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:47:41.0978 11484 Wlansvc - ok
11:47:42.0071 11484 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:47:42.0196 11484 wlcrasvc - ok
11:47:42.0321 11484 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:47:42.0446 11484 wlidsvc - ok
11:47:42.0461 11484 wltrysvc - ok
11:47:42.0493 11484 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:47:42.0493 11484 WmiAcpi - ok
11:47:42.0524 11484 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:47:42.0539 11484 wmiApSrv - ok
11:47:42.0664 11484 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:47:42.0680 11484 WMPNetworkSvc - ok
11:47:42.0695 11484 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:47:42.0711 11484 WPCSvc - ok
11:47:42.0727 11484 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:47:42.0742 11484 WPDBusEnum - ok
11:47:42.0773 11484 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
11:47:42.0773 11484 WpdUsb - ok
11:47:42.0883 11484 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:47:43.0039 11484 WPFFontCache_v0400 - ok
11:47:43.0085 11484 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:47:43.0101 11484 ws2ifsl - ok
11:47:43.0117 11484 WSearch - ok
11:47:43.0148 11484 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:47:43.0163 11484 WUDFRd - ok
11:47:43.0195 11484 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:47:43.0210 11484 wudfsvc - ok
11:47:43.0257 11484 yksvc - ok
11:47:43.0304 11484 [ 1A51DF1A5C658D534ED980D18F7982DE ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
11:47:43.0429 11484 yukonwlh - ok
11:47:43.0444 11484 ================ Scan global ===============================
11:47:43.0491 11484 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
11:47:43.0553 11484 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:47:43.0631 11484 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:47:43.0694 11484 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
11:47:43.0694 11484 [Global] - ok
11:47:43.0694 11484 ================ Scan MBR ==================================
11:47:43.0709 11484 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
11:47:44.0458 11484 \Device\Harddisk0\DR0 - ok
11:47:44.0458 11484 ================ Scan VBR ==================================
11:47:44.0505 11484 [ DBCA870CE063CD1D8E4955BDD6EB1AB8 ] \Device\Harddisk0\DR0\Partition1
11:47:44.0505 11484 \Device\Harddisk0\DR0\Partition1 - ok
11:47:44.0552 11484 [ 70F973CCEF0E8BE54E7C446CD68EEE84 ] \Device\Harddisk0\DR0\Partition2
11:47:44.0552 11484 \Device\Harddisk0\DR0\Partition2 - ok
11:47:44.0552 11484 ============================================================
11:47:44.0552 11484 Scan finished
11:47:44.0552 11484 ============================================================
11:47:44.0567 13788 Detected object count: 0
11:47:44.0567 13788 Actual detected object count: 0

#4 senare

Posted 07 September 2012 - 12:44 PM

aswMBR log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-07 11:50:27
-----------------------------
11:50:27.057 OS Version: Windows 6.0.6002 Service Pack 2
11:50:27.088 Number of processors: 2 586 0x170A
11:50:27.088 ComputerName: SENARE-PC UserName: Sena Re
11:51:20.191 Initialze error 0 - driver not loaded
11:55:01.945 AVAST engine defs: 12090700
11:55:24.970 The log file has been saved successfully to "C:\Users\Sena Re\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-07 11:56:04
-----------------------------
11:56:04.688 OS Version: Windows 6.0.6002 Service Pack 2
11:56:04.688 Number of processors: 2 586 0x170A
11:56:04.688 ComputerName: SENARE-PC UserName: Sena Re
11:56:05.780 Initialize success
11:56:17.355 AVAST engine defs: 12090700
11:56:29.913 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:56:29.913 Disk 0 Vendor: TOSHIBA_ FG01 Size: 152627MB BusType: 3
11:56:29.944 Disk 0 MBR read successfully
11:56:29.944 Disk 0 MBR scan
11:56:29.975 Disk 0 Windows VISTA default MBR code
11:56:29.975 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
11:56:30.007 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 145408
11:56:30.038 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 137195 MB offset 31602688
11:56:30.069 Disk 0 scanning sectors +312578048
11:56:30.147 Disk 0 scanning C:\Windows\system32\drivers
11:56:41.207 File: C:\Windows\system32\drivers\netbt.zys **INFECTED** Win32:Sirefef-AKS [Drp]
11:56:49.054 Disk 0 trace - called modules:
11:56:49.085 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
11:56:49.101 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86cef0f8]
11:56:49.101 3 CLASSPNP.SYS[883a58b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x84d9f028]
11:56:50.224 AVAST engine scan C:\Windows
11:56:54.187 AVAST engine scan C:\Windows\system32
12:03:42.907 AVAST engine scan C:\Windows\system32\drivers
12:04:01.424 File: C:\Windows\system32\drivers\netbt.zys **INFECTED** Win32:Sirefef-AKS [Drp]
12:04:18.100 AVAST engine scan C:\Users\Sena Re
12:32:34.210 AVAST engine scan C:\ProgramData
12:42:05.623 Scan finished successfully
12:42:39.771 Disk 0 MBR has been saved successfully to "C:\Users\Sena Re\Desktop\MBR.dat"
12:42:39.865 The log file has been saved successfully to "C:\Users\Sena Re\Desktop\aswMBR.txt"

#5 senare

Posted 07 September 2012 - 03:07 PM

ESET log

C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
Operating memory multiple threats

#6 narenxp


Posted 07 September 2012 - 04:01 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it and click on Delete

Post the generated log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 senare


Posted 07 September 2012 - 09:11 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Sena Re (administrator) on 07-09-2012 at 20:56:55
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



::1 localhost
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : SenaRe-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : tu.ok.cox.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : tu.ok.cox.net
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-22-5F-CC-28-6E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2dfb:526e:bef0:bd3a%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, September 07, 2012 8:24:16 PM
Lease Expires . . . . . . . . . . : Saturday, September 08, 2012 8:24:15 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 285221471
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-41-51-96-00-25-64-43-53-FB
DNS Servers . . . . . . . . . . . : 68.105.28.11
68.105.29.11
68.105.28.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-25-64-43-53-FB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{78DD2C6A-1AD9-4BC4-AB4B-52F156941FE1}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{2C0324BD-787F-4B17-ACE0-68A810F847B3}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.tu.ok.cox.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.tu.ok.cox.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns1.cox.net
Address: 68.105.28.11

Name: google.com
Addresses: 2001:4860:4007:801::1007
74.125.224.195
74.125.224.196
74.125.224.197
74.125.224.198
74.125.224.199
74.125.224.200
74.125.224.201
74.125.224.206
74.125.224.192
74.125.224.193
74.125.224.194



Pinging google.com [74.125.224.161] with 32 bytes of data:

Reply from 74.125.224.161: bytes=32 time=108ms TTL=53

Reply from 74.125.224.161: bytes=32 time=55ms TTL=53



Ping statistics for 74.125.224.161:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 55ms, Maximum = 108ms, Average = 81ms

Server: cdns1.cox.net
Address: 68.105.28.11

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=51ms TTL=53

Reply from 98.138.253.109: bytes=32 time=61ms TTL=53



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 51ms, Maximum = 61ms, Average = 56ms

Server: cdns1.cox.net
Address: 68.105.28.11

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 22 5f cc 28 6e ...... Dell Wireless 1397 WLAN Mini-Card
11 ...00 25 64 43 53 fb ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.{78DD2C6A-1AD9-4BC4-AB4B-52F156941FE1}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 isatap.{2C0324BD-787F-4B17-ACE0-68A810F847B3}
16 ...00 00 00 00 00 00 00 e0 isatap.tu.ok.cox.net
17 ...00 00 00 00 00 00 00 e0 isatap.tu.ok.cox.net
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 281
192.168.1.101 255.255.255.255 On-link 192.168.1.101 281
192.168.1.255 255.255.255.255 On-link 192.168.1.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::2dfb:526e:bef0:bd3a/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/07/2012 08:25:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/07/2012 05:47:01 PM) (Source: McLogEvent) (User: NT AUTHORITY)NT AUTHORITY
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 15356 (0x3bfc)

Thread address : 0x77625CD4

Thread message :

Build VSCORE.14.4.0.387 / 5400.1158
Object being scanned = \Device\HarddiskVolume3\Users\Sena Re\Desktop\MiniToolBox.exe
by C:\Windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (09/07/2012 03:08:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15740

Error: (09/07/2012 03:08:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15740

Error: (09/07/2012 03:08:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/07/2012 02:13:39 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (09/07/2012 02:13:34 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (09/06/2012 08:53:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16380

Error: (09/06/2012 08:53:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16380

Error: (09/06/2012 08:53:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/07/2012 08:25:40 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (09/07/2012 08:25:40 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (09/07/2012 08:25:40 PM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (09/07/2012 08:25:40 PM) (Source: Service Control Manager) (User: )
Description: PANTECH UM175 WWAN Driver%%1058

Error: (09/07/2012 08:25:40 PM) (Source: Service Control Manager) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (09/07/2012 08:25:40 PM) (Source: Service Control Manager) (User: )
Description: Intel® PRO/1000 PCI Express Network Connection Driver%%1058

Error: (09/07/2012 05:50:10 PM) (Source: DCOM) (User: )
Description: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}

Error: (09/07/2012 05:49:41 PM) (Source: Service Control Manager) (User: )
Description: McAfee Scanner1

Error: (09/07/2012 05:49:34 PM) (Source: Service Control Manager) (User: )
Description: McAfee McShield150001Restart the service

Error: (09/07/2012 05:48:36 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office Sessions:
=========================
Error: (09/07/2012 08:25:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/07/2012 05:47:01 PM) (Source: McLogEvent)(User: NT AUTHORITY)NT AUTHORITY
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe9000015356 (0x3bfc)0x77625CD4
Build VSCORE.14.4.0.387 / 5400.1158
Object being scanned = \Device\HarddiskVolume3\Users\Sena Re\Desktop\MiniToolBox.exe
by C:\Windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (09/07/2012 03:08:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15740

Error: (09/07/2012 03:08:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15740

Error: (09/07/2012 03:08:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/07/2012 02:13:39 PM) (Source: Perflib)(User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (09/07/2012 02:13:34 PM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (09/06/2012 08:53:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16380

Error: (09/06/2012 08:53:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16380

Error: (09/06/2012 08:53:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

7-Zip 9.20
Adobe AIR (Version: 3.4.0.2540)
Adobe Community Help (Version: 3.4.980)
Adobe Digital Editions
Adobe Download Assistant (Version: 1.2)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced SystemCare 5 (Version: 5.0.0)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Carbonite Online Backup Setup (Version: 3.8.0)
CCleaner (Version: 3.22)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco Network Magic (Version: 5.5.09195.0)
Cisco PEAP Module (Version: 1.0.13)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
DAZ Content Management Service (Version: 4.8.1.7)
DAZ Studio 4 (Version: 4.0.3.47)
Dell Dock (Version: 2.0.0)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Version: 3.2.6032.47)
Dell Touchpad (Version: 7.1007.115.102)
Dell Wireless WLAN Card Utility (Version: 5.10.38.30)
Download Updater (AOL LLC)
DS4 Default Content (Version: 4.0.0.19)
ESET Online Scanner v3
FileHippo.com Update Checker
FileZilla Client 3.5.3 (Version: 3.5.3)
FoxyTunes for Firefox
Google Chrome (Version: 21.0.1180.89)
GoToAssist 8.0.0.514
Intel® Rapid Storage Technology (Version: 10.5.0.1029)
Intel® TV Wizard
Intel® Matrix Storage Manager
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 33 (Version: 6.0.330)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee SecurityCenter (Version: 11.0.678)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Default Manager (Version: 2.0.69.0)
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 15.0 (x86 en-GB) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
Mozilla Thunderbird 14.0 (x86 en-GB) (Version: 14.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Network Magic (Version: 5.5.9195.0)
Notepad++ (Version: 6.1.6)
Opera 12.02 (Version: 12.02.1578)
PANTECH UM175 Driver (Version: 3.1.20.1215)
PDF Settings CS5 (Version: 10.0)
PowerDVD DX (Version: 8.2.5024)
Pure Networks Platform (Version: 11.2.09195.1)
QuickSet32 (Version: 9.6.21)
QuickTime (Version: 7.72.80.56)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20125)
RockMelt (Version: 0.16.91.483)
Seagate Manager Installer (Version: 2.01.0700)
Secunia PSI (2.0.0.3003)
Segoe UI (Version: 15.4.2271.0615)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Victoria 4.2 Base (Version: ps_pe069_Victoria4)
Victoria 4.2 Base DAZ Studio Content (Version: ps_pe069_Victoria4DS)
Viewpoint Media Player
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yontoo 1.10.02 (Version: 1.10.02)

========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 2007.63 MB
Available physical RAM: 804.13 MB
Total Pagefile: 4964.9 MB
Available Pagefile: 3217.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.18 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:133.98 GB) (Free:79.01 GB) NTFS
2 Drive e: (RECOVERY) (Fixed) (Total:15 GB) (Free:9.89 GB) NTFS

========================= Users: ========================================

User accounts for \\SENARE-PC

Administrator Guest Sena Re


**** End of log ****

Farbar Service Scanner Version: 06-08-2012
Ran by Sena Re (administrator) on 07-09-2012 at 21:00:30
Running from "C:\Users\Sena Re\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 21:24] - [2008-01-20 21:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.000 - Logfile created 09/07/2012 at 21:01:59
# Updated 30/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Sena Re - SENARE-PC
# Boot Mode : Normal
# Running from : C:\Users\Sena Re\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Viewpoint
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\user.js
File Deleted : C:\Users\Sena Re\AppData\Roaming\Mozilla\Firefox\Profiles\mm5lj5wh.default\searchplugins\funmoods.xml
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Sena Re\AppData\LocalLow\Funmoods
Folder Deleted : C:\Users\Sena Re\AppData\LocalLow\Viewpoint
Folder Deleted : C:\Users\Sena Re\AppData\Roaming\Mozilla\Firefox\Profiles\mm5lj5wh.default\Conduit
Folder Deleted : C:\Users\Sena Re\AppData\Roaming\Mozilla\Firefox\Profiles\mm5lj5wh.default\ConduitCommon
Folder Deleted : C:\Users\Sena Re\AppData\Roaming\Mozilla\Firefox\Profiles\mm5lj5wh.default\ConduitEngine

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Viewpoint

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-GB)

Profile name : default
File : C:\Users\Sena Re\AppData\Roaming\Mozilla\Firefox\Profiles\mm5lj5wh.default\prefs.js

C:\Users\Sena Re\AppData\Roaming\Mozilla\Firefox\Profiles\mm5lj5wh.default\user.js ... Deleted !

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Sena Re\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.2.1578.0

File : C:\Users\Sena Re\AppData\Roaming\Opera\Opera\operaprefs.ini

Deleted : application/x-mtx=6,,C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll,Meta[...]

*************************

AdwCleaner[S1].txt - [29293 octets] - [07/09/2012 21:01:59]

########## EOF - C:\AdwCleaner[S1].txt - [29354 octets] ##########

Rkill 2.3.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/07/2012 09:10:15 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\System32\WLTRYSVC.EXE (PID: 1840) [WD-HEUR]
* C:\Windows\System32\bcmwltry.exe (PID: 1872) [WD-HEUR]
* C:\Windows\System32\WLTRAY.EXE (PID: 3752) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!
* HKCU\SOFTWARE\Classes\.bat "@" exists and is set to batfile!
* HKCU\SOFTWARE\Classes\.bat has been deleted!
* HKCU\SOFTWARE\Classes\.com "@" exists and is set to comfile!
* HKCU\SOFTWARE\Classes\.com has been deleted!

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* BFE [Missing Service]
* BITS [Missing Service]
* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]
* WinDefend [Missing Service]
* wscsvc [Missing Service]
* wuauserv [Missing Service]

* SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/07/2012 09:10:26 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

#8 narenxp

Posted 07 September 2012 - 09:12 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#9 senare

Posted 08 September 2012 - 08:41 AM

Farbar Service Scanner Version: 06-08-2012
Ran by Sena Re (administrator) on 08-09-2012 at 08:28:44
Running from "C:\Users\Sena Re\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 21:24] - [2008-01-20 21:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Rkill 2.3.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/08/2012 08:29:58 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\System32\WLTRYSVC.EXE (PID: 1908) [WD-HEUR]
* C:\Windows\System32\bcmwltry.exe (PID: 1920) [WD-HEUR]
* C:\Windows\System32\WLTRAY.EXE (PID: 4580) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/08/2012 08:30:16 AM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "AdobeCS5.5ServiceManager" "Adobe CS5.5 Service Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe"
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\delltpad\apoint.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "Broadcom Wireless Manager UI" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\windows\system32\wltray.exe"
+ "CarboniteSetupLite" "Carbonite Setup Lite" "Carbonite, Inc." "c:\program files\carbonite\carbonitepreinstaller.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "MaxMenuMgr" "FreeAgent™ Launcher" "Seagate LLC" "c:\program files\seagate\seagatemanager\freeagent status\stxmenumgr.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "Microsoft Default Manager" "Microsoft Default Manager" "Microsoft Corporation" "c:\program files\microsoft\search enhancement pack\default manager\defmgr.exe"
+ "nmapp" "Network Magic Application" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmapp.exe"
+ "nmctxth" "Pure Networks Platform Assistant" "Cisco Systems, Inc." "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files\common files\adobe\switchboard\switchboard.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Secunia PSI Tray.lnk" "Secunia PSI Tray" "Secunia" "c:\program files\secunia\psi\psi_tray.exe"
"C:\Users\Sena Re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Advanced SystemCare 5" "Advanced SystemCare 5 Tray" "IObit" "c:\program files\iobit\advanced systemcare 5\asctray.exe"
+ "FileHippo.com" "FileHippo.com Update Checker" "FileHippo.com" "c:\program files\filehippo.com\updatechecker.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\sena re\appdata\local\google\update\googleupdate.exe"
+ "RockMelt Update" "RockMelt Installer" "RockMelt Inc." "c:\users\sena re\appdata\local\rockmelt\update\rockmeltupdate.exe"
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "WMPNSCFG" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "pure-go" "Pure Service Provider DLL" "Cisco Systems, Inc." "c:\program files\common files\pure networks shared\platform\puresp4.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "Advanced SystemCare" "ASCv5ExtMenu Module" "" "c:\program files\iobit\advanced systemcare 5\ascv5extmenu.dll"
+ "ANotepad++" "ShellHandler for Notepad++" "" "c:\program files\notepad++\nppshell_05.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "Advanced SystemCare" "ASCv5ExtMenu Module" "" "c:\program files\iobit\advanced systemcare 5\ascv5extmenu.dll"
+ "Network Magic Folders" "nmspce Dynamic Link Library" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmspce2.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "Network Magic Folders" "nmspce Dynamic Link Library" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmspce2.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "Network Magic Folders" "nmspce Dynamic Link Library" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmspce2.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120626203939.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
"Task Scheduler" "" "" ""
+ "\AdobeAAMUpdater-1.0-SenaRe-PC-Sena Re" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1833670726-4138639855-2303237913-1000Core" "Google Installer" "Google Inc." "c:\users\sena re\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1833670726-4138639855-2303237913-1000UA" "Google Installer" "Google Inc." "c:\users\sena re\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\WindowsCalendar\Reminders - Sena Re" "Windows Calendar" "Microsoft Corporation" "c:\program files\windows calendar\wincal.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\RockMeltUpdateTaskUserS-1-5-21-1833670726-4138639855-2303237913-1000Core" "RockMelt Installer" "RockMelt Inc." "c:\users\sena re\appdata\local\rockmelt\update\rockmeltupdate.exe"
+ "\RockMeltUpdateTaskUserS-1-5-21-1833670726-4138639855-2303237913-1000UA" "RockMelt Installer" "RockMelt Inc." "c:\users\sena re\appdata\local\rockmelt\update\rockmeltupdate.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
+ "\tmp3C51" "" "" "File not found: applauncher.exe"
+ "\tmp48B1" "" "" "File not found: applauncher.exe"
+ "\tmp96CE" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\tmpF7B6" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AdvancedSystemCareService5" "Advanced SystemCare Service" "IObit" "c:\program files\iobit\advanced systemcare 5\ascservice.exe"
+ "AESTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt.inf_0145da1d\aestsrv.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DAZContentManagementService" "DAZ Content Management Service" "" "c:\program files\daz 3d\content management service\contentmanagementserver.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "FreeAgentGoNext Service" "Seagate Service" "Seagate Technology LLC" "c:\program files\seagate\seagatemanager\sync\freeagentservice.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files\windows live\family safety\fsssvc.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotoassist\514\g2aservice.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "MatSvc" "Microsoft Automated Troubleshooting Service" "Microsoft Corporation" "c:\program files\microsoft fix it center\matsvc.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "Allows McAfee applications to communicate securely on the local network." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "nmservice" "Enables Pure Networks Platform services such as file sharing, printer sharing, and network monitoring." "Cisco Systems, Inc." "c:\program files\common files\pure networks shared\platform\nmsrvc.exe"
+ "Secunia PSI Agent" "Performs routine software inspections of the system, the results of which can be seen in your Secunia Customer Area account" "Secunia" "c:\program files\secunia\psi\psia.exe"
+ "Secunia Update Agent" "Performs routine software inspections of the system, the results of which can be seen in your Secunia Customer Area account" "Secunia" "c:\program files\secunia\psi\sua.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt.inf_0145da1d\stacsv.exe"
+ "SwitchBoard" "Adobe SwitchBoard" "Adobe Systems Incorporated" "c:\program files\common files\adobe\switchboard\switchboard.exe"
+ "Viewpoint Service" "Ensures Viewpoint 3D and Rich Media Technologies are up to date" "Viewpoint Corporation" "c:\program files\viewpoint\common\viewpointservice.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "" "c:\windows\system32\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "yksvc" "Service for Marvell® Yukon® Network Adapters" "Marvell" "c:\windows\system32\ykx32coinst.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl6.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x86" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfebopk.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfenlfk" "McAfee NDIS Light Filter" "McAfee, Inc." "c:\windows\system32\drivers\mfenlfk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "pnarp" "Provides support for Pure Networks Platform device discovery." "Cisco Systems, Inc." "c:\windows\system32\drivers\pnarp.sys"
+ "PSI" "PSI mini-filter driver" "Secunia" "c:\windows\system32\drivers\psi_mf.sys"
+ "PTDUBus" "CDMA USB Composite Device Driver " "DEVGURU Co,LTD." "c:\windows\system32\drivers\ptdubus.sys"
+ "PTDUMdm" "PANTECH UM175 Drivers" "DEVGURU Co,LTD." "c:\windows\system32\drivers\ptdumdm.sys"
+ "PTDUVsp" "PANTECH UM175 Diagnostic Port" "DEVGURU Co,LTD." "c:\windows\system32\drivers\ptduvsp.sys"
+ "PTDUWWAN" "Wireless WAN Driver" "DEVGURU Co,LTD." "c:\windows\system32\drivers\ptduwwan.sys"
+ "purendis" "Provides support for Pure Networks Platform wireless adapter configuration." "Cisco Systems, Inc." "c:\windows\system32\drivers\purendis.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "RTSTOR" "Realtek USB Mass Storage Driver for Vista" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtstor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "yukonwlh" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk60x86.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "Citrix Online GoToAssist" "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotoassist\514\g2awinlogon.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "Dell Wireless WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"
"C:\Users\Sena Re\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "" "" "" "C:\Users\Sena Re\AppData\Local\Microsoft\Windows Sidebar\Gadgets\WeatherBug.Gadget"
+ "Dark Calendar" "Browse the days of the calendar." "JoshyCarter" "C:\Users\Sena Re\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DarkCalendar.Gadget\en-US\Gadget.xml"
+ "Desk Essentials v2.2" "Combined ToDo list, Note list, Calculator Gadget" "Kinesys Ltd" "C:\Users\Sena Re\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DeskEssentials_2.2.gadget\Gadget.xml"

#10 narenxp

Posted 08 September 2012 - 08:54 AM

Any current issues?

Download

SystemLook

Launch it and copy this script:
:filefind
netbt.zys

Click on LOOK, post the generated log

Edited by narenxp, 08 September 2012 - 08:54 AM.


#11 senare

Posted 08 September 2012 - 12:37 PM

I don't seem to be having any issues. The redirect seems to be gone.

SystemLook 30.07.11 by jpshortstuff
Log created at 12:31 on 08/09/2012 by Sena Re
Administrator - Elevation successful

========== filefind ==========

Searching for "netbt.zys"
No files found.

-= EOF =-

#12 narenxp

Posted 08 September 2012 - 12:48 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#13 senare

Posted 08 September 2012 - 04:02 PM

Do I need to keep these programs on my comp?

#14 narenxp

Posted 08 September 2012 - 04:03 PM

Remove them

#15 senare

Posted 08 September 2012 - 04:10 PM

Thank you for your help!



