
malware removal


11 replies to this topic

#1 BNN


Posted 09 September 2012 - 09:11 AM

Hello
Can you help remove widdit search?

Thanks

I have Windows Vista



#2 narenxp


Posted 09 September 2012 - 09:13 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 BNN


Posted 09 September 2012 - 01:01 PM

Hi
Ran the 3 apps. ESET found 20 suspicious files and deleted/quarantined them.
10:41:52.0656 4304 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
10:41:53.0083 4304 ============================================================
10:41:53.0083 4304 Current date / time: 2012/09/09 10:41:53.0083
10:41:53.0083 4304 SystemInfo:
10:41:53.0083 4304
10:41:53.0083 4304 OS Version: 6.0.6000 ServicePack: 0.0
10:41:53.0083 4304 Product type: Workstation
10:41:53.0083 4304 ComputerName: VALUED-11599CE5
10:41:53.0084 4304 UserName: Luis Sanchez
10:41:53.0084 4304 Windows directory: C:\Windows
10:41:53.0084 4304 System windows directory: C:\Windows
10:41:53.0084 4304 Processor architecture: Intel x86
10:41:53.0084 4304 Number of processors: 1
10:41:53.0084 4304 Page size: 0x1000
10:41:53.0084 4304 Boot type: Normal boot
10:41:53.0084 4304 ============================================================
10:41:55.0107 4304 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:41:55.0170 4304 ============================================================
10:41:55.0171 4304 \Device\Harddisk0\DR0:
10:41:55.0193 4304 MBR partitions:
10:41:55.0193 4304 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xAEC789, BlocksNum 0x8A21D38
10:41:55.0193 4304 ============================================================
10:41:55.0357 4304 C: <-> \Device\Harddisk0\DR0\Partition1
10:41:55.0415 4304 ============================================================
10:41:55.0415 4304 Initialize success
10:41:55.0415 4304 ============================================================
10:42:31.0554 5508 ============================================================
10:42:31.0554 5508 Scan started
10:42:31.0554 5508 Mode: Manual; TDLFS;
10:42:31.0554 5508 ============================================================
10:42:32.0779 5508 ================ Scan system memory ========================
10:42:32.0779 5508 System memory - ok
10:42:32.0779 5508 ================ Scan services =============================
10:42:46.0626 5508 PcaSvc - ok
10:42:46.0703 5508 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
10:42:46.0708 5508 pci - ok
10:42:46.0727 5508 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
10:42:46.0729 5508 pciide - ok
10:42:46.0750 5508 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:42:46.0759 5508 pcmcia - ok
10:42:46.0837 5508 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:42:46.0857 5508 PEAUTH - ok
10:42:46.0987 5508 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
10:42:47.0025 5508 pla - ok
10:42:47.0082 5508 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:42:47.0092 5508 PlugPlay - ok
10:42:47.0145 5508 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:42:47.0149 5508 Pml Driver HPZ12 - ok
10:42:47.0203 5508 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
10:42:47.0213 5508 PNRPAutoReg - ok
10:42:47.0263 5508 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
10:42:47.0273 5508 PNRPsvc - ok
10:42:47.0347 5508 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:42:47.0357 5508 PolicyAgent - ok
10:42:47.0419 5508 [ 6C359AC71D7B550A0D41F9DB4563CE05 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:42:47.0422 5508 PptpMiniport - ok
10:42:47.0447 5508 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
10:42:47.0450 5508 Processor - ok
10:42:47.0508 5508 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
10:42:47.0516 5508 ProfSvc - ok
10:42:47.0546 5508 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:42:47.0550 5508 ProtectedStorage - ok
10:42:47.0601 5508 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
10:42:47.0608 5508 PSched - ok
10:42:47.0654 5508 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
10:42:47.0656 5508 PSI - ok
10:42:47.0705 5508 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
10:42:47.0746 5508 PxHelp20 - ok
10:42:47.0860 5508 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:42:47.0897 5508 ql2300 - ok
10:42:47.0934 5508 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:42:47.0937 5508 ql40xx - ok
10:42:48.0025 5508 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
10:42:48.0035 5508 QWAVE - ok
10:42:48.0069 5508 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:42:48.0072 5508 QWAVEdrv - ok
10:42:48.0175 5508 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
10:42:48.0181 5508 RapiMgr - ok
10:42:48.0208 5508 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:42:48.0211 5508 RasAcd - ok
10:42:48.0229 5508 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
10:42:48.0241 5508 RasAuto - ok
10:42:48.0271 5508 [ 88587DD843E2059848995B407B67F6CF ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:42:48.0300 5508 Rasl2tp - ok
10:42:48.0387 5508 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
10:42:48.0413 5508 RasMan - ok
10:42:48.0453 5508 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:42:48.0478 5508 RasPppoe - ok
10:42:48.0611 5508 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:42:48.0687 5508 rdbss - ok
10:42:48.0722 5508 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:42:48.0724 5508 RDPCDD - ok
10:42:48.0806 5508 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
10:42:48.0830 5508 rdpdr - ok
10:42:48.0862 5508 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:42:48.0875 5508 RDPENCDD - ok
10:42:48.0932 5508 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:42:48.0984 5508 RDPWD - ok
10:42:49.0053 5508 [ C35EC743558ED20FBC99C47616F9415E ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
10:42:49.0097 5508 RegSrvc - ok
10:42:49.0247 5508 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
10:42:49.0266 5508 RemoteAccess - ok
10:42:49.0340 5508 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:42:49.0376 5508 RemoteRegistry - ok
10:42:49.0443 5508 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
10:42:49.0446 5508 RpcLocator - ok
10:42:49.0654 5508 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
10:42:49.0663 5508 RpcSs - ok
10:42:49.0743 5508 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:42:49.0788 5508 rspndr - ok
10:42:50.0039 5508 [ D72566C2E6A9EE9BA5B0D1F855AF74CF ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
10:42:50.0193 5508 S24EventMonitor - ok
10:42:50.0311 5508 [ D4661148E44816B6501BE8F4466D65B0 ] s24trans C:\Windows\system32\DRIVERS\s24trans.sys
10:42:50.0336 5508 s24trans - ok
10:42:50.0388 5508 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
10:42:50.0392 5508 SamSs - ok
10:42:50.0443 5508 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:42:50.0447 5508 sbp2port - ok
10:42:50.0509 5508 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:42:50.0548 5508 SCardSvr - ok
10:42:50.0786 5508 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
10:42:50.0871 5508 Schedule - ok
10:42:50.0908 5508 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:42:50.0909 5508 SCPolicySvc - ok
10:42:50.0955 5508 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:42:50.0962 5508 SDRSVC - ok
10:42:51.0059 5508 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:42:51.0079 5508 secdrv - ok
10:42:51.0141 5508 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
10:42:51.0150 5508 seclogon - ok
10:42:51.0275 5508 [ 7198BBFBE46C0070257278C536386687 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
10:42:51.0298 5508 Secunia PSI Agent - ok
10:42:51.0328 5508 Secunia Update Agent - ok
10:42:51.0366 5508 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
10:42:51.0371 5508 SENS - ok
10:42:51.0398 5508 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
10:42:51.0399 5508 Serenum - ok
10:42:51.0431 5508 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
10:42:51.0447 5508 Serial - ok
10:42:51.0483 5508 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:42:51.0485 5508 sermouse - ok
10:42:51.0586 5508 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
10:42:51.0607 5508 SessionEnv - ok
10:42:51.0661 5508 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:42:51.0700 5508 sffdisk - ok
10:42:51.0756 5508 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:42:51.0785 5508 sffp_mmc - ok
10:42:51.0821 5508 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:42:51.0824 5508 sffp_sd - ok
10:42:51.0844 5508 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:42:51.0847 5508 sfloppy - ok
10:42:51.0887 5508 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:42:51.0895 5508 SharedAccess - ok
10:42:51.0956 5508 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:42:51.0972 5508 ShellHWDetection - ok
10:42:52.0004 5508 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:42:52.0007 5508 sisagp - ok
10:42:52.0048 5508 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
10:42:52.0050 5508 SiSRaid2 - ok
10:42:52.0099 5508 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:42:52.0102 5508 SiSRaid4 - ok
10:42:52.0270 5508 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
10:42:52.0352 5508 slsvc - ok
10:42:52.0391 5508 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
10:42:52.0403 5508 SLUINotify - ok
10:42:52.0433 5508 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:42:52.0436 5508 Smb - ok
10:42:52.0508 5508 [ BE6038E0A7D2E2FE69107E41A0265831 ] SNC C:\Windows\system32\Drivers\SonyNC.sys
10:42:52.0511 5508 SNC - ok
10:42:52.0543 5508 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:42:52.0549 5508 SNMPTRAP - ok
10:42:52.0595 5508 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
10:42:52.0598 5508 spldr - ok
10:42:52.0632 5508 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
10:42:52.0641 5508 Spooler - ok
10:42:52.0738 5508 [ 3FE4C643D69ADDB0D3768FFFF32E0D3D ] SQ931 C:\Windows\system32\Drivers\Capt931a.sys
10:42:52.0750 5508 SQ931 - ok
10:42:52.0841 5508 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys
10:42:52.0849 5508 srv - ok
10:42:52.0903 5508 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:42:52.0907 5508 srv2 - ok
10:42:52.0940 5508 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:42:52.0944 5508 srvnet - ok
10:42:53.0026 5508 [ D6870895FE46A464A19141440EB6CC1E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
10:42:53.0029 5508 sscdbus - ok
10:42:53.0095 5508 [ 0FE167362E4689B716CDC8D93ADEDDA8 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
10:42:53.0097 5508 sscdmdfl - ok
10:42:53.0123 5508 [ 55A15707E32B6709242AD127E62CA55A ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
10:42:53.0127 5508 sscdmdm - ok
10:42:53.0173 5508 [ 9FA66E361A99F8920C7609BAE6814A0E ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
10:42:53.0177 5508 sscdserd - ok
10:42:53.0239 5508 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:42:53.0247 5508 SSDPSRV - ok
10:42:53.0335 5508 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
10:42:53.0351 5508 stisvc - ok
10:42:53.0398 5508 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:42:53.0401 5508 swenum - ok
10:42:53.0434 5508 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
10:42:53.0446 5508 swprv - ok
10:42:53.0600 5508 [ 96BB13EF21DD3887E43A1263F97C6C2E ] Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
10:42:53.0632 5508 Symantec Core LC - ok
10:42:53.0657 5508 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
10:42:53.0660 5508 Symc8xx - ok
10:42:53.0710 5508 [ B226F8A4D780ACDF76145B58BB791D5B ] symlcbrd C:\WINDOWS\system32\drivers\symlcbrd.sys
10:42:53.0712 5508 symlcbrd - ok
10:42:53.0743 5508 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
10:42:53.0790 5508 Sym_hi - ok
10:42:53.0856 5508 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
10:42:53.0902 5508 Sym_u3 - ok
10:42:53.0997 5508 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
10:42:54.0014 5508 SysMain - ok
10:42:54.0071 5508 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:42:54.0079 5508 TabletInputService - ok
10:42:54.0133 5508 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:42:54.0145 5508 TapiSrv - ok
10:42:54.0222 5508 [ EBB2AB0E249202B1D9C734B3DCF712C0 ] tbhMonitor.exe C:\Program Files\tbh\monitor\bin\tbhMonitor.exe
10:42:54.0225 5508 tbhMonitor.exe - ok
10:42:54.0250 5508 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
10:42:54.0260 5508 TBS - ok
10:42:54.0339 5508 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:42:54.0359 5508 Tcpip - ok
10:42:54.0394 5508 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
10:42:54.0402 5508 Tcpip6 - ok
10:42:54.0454 5508 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:42:54.0457 5508 tcpipreg - ok
10:42:54.0508 5508 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:42:54.0510 5508 TDPIPE - ok
10:42:54.0549 5508 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:42:54.0552 5508 TDTCP - ok
10:42:54.0582 5508 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:42:54.0585 5508 tdx - ok
10:42:54.0615 5508 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:42:54.0618 5508 TermDD - ok
10:42:54.0692 5508 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
10:42:54.0706 5508 TermService - ok
10:42:54.0735 5508 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
10:42:54.0741 5508 Themes - ok
10:42:54.0765 5508 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
10:42:54.0770 5508 THREADORDER - ok
10:42:54.0828 5508 [ 26587CE8E6C6F16B8B4E7E2C16FA00BF ] ti21sony C:\Windows\system32\drivers\ti21sony.sys
10:42:54.0835 5508 ti21sony - ok
10:42:54.0913 5508 [ 18720B71393AD23954D69A361E500F47 ] TlntSvr C:\Windows\System32\tlntsvr.exe
10:42:54.0921 5508 TlntSvr - ok
10:42:54.0950 5508 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
10:42:54.0958 5508 TrkWks - ok
10:42:55.0061 5508 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:42:55.0063 5508 TrustedInstaller - ok
10:42:55.0157 5508 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:42:55.0159 5508 tssecsrv - ok
10:42:55.0219 5508 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
10:42:55.0221 5508 tunmp - ok
10:42:55.0268 5508 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:42:55.0271 5508 tunnel - ok
10:42:55.0302 5508 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:42:55.0309 5508 uagp35 - ok
10:42:55.0348 5508 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:42:55.0355 5508 udfs - ok
10:42:55.0428 5508 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:42:55.0435 5508 UI0Detect - ok
10:42:55.0463 5508 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:42:55.0466 5508 uliagpkx - ok
10:42:55.0503 5508 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
10:42:55.0510 5508 uliahci - ok
10:42:55.0529 5508 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
10:42:55.0537 5508 UlSata - ok
10:42:55.0571 5508 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
10:42:55.0593 5508 ulsata2 - ok
10:42:55.0637 5508 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:42:55.0639 5508 umbus - ok
10:42:55.0774 5508 [ 1E9993AC255B3220BCE71FE9E056BBC9 ] Updater Service for StartNow Toolbar C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
10:42:55.0780 5508 Updater Service for StartNow Toolbar - ok
10:42:55.0844 5508 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
10:42:55.0857 5508 upnphost - ok
10:42:55.0919 5508 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
10:42:55.0921 5508 USBAAPL - ok
10:42:55.0968 5508 [ F6BF998AE33E3FB6C7D27F0560F1173F ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:42:55.0972 5508 usbaudio - ok
10:42:56.0025 5508 [ B0BA9CAFFE9B0555EC0317F30CB79CD2 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:42:56.0029 5508 usbccgp - ok
10:42:56.0092 5508 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:42:56.0096 5508 usbcir - ok
10:42:56.0173 5508 [ C9FCD05B0A80EA08C2768E5A279B14DE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:42:56.0176 5508 usbehci - ok
10:42:56.0206 5508 [ 5E44F7D957F7560DA06BFE6B84B58A35 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:42:56.0211 5508 usbhub - ok
10:42:56.0259 5508 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:42:56.0261 5508 usbohci - ok
10:42:56.0314 5508 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:42:56.0316 5508 usbprint - ok
10:42:56.0356 5508 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:42:56.0378 5508 usbscan - ok
10:42:56.0457 5508 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:42:56.0486 5508 USBSTOR - ok
10:42:56.0525 5508 [ D864735B0BFCB65440960A0B7CC1A38D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:42:56.0559 5508 usbuhci - ok
10:42:56.0643 5508 [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:42:56.0647 5508 usbvideo - ok
10:42:56.0735 5508 [ DB4721908DAA0383EE82FFE430AEBAE1 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
10:42:56.0759 5508 usb_rndisx - ok
10:42:56.0841 5508 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
10:42:56.0870 5508 UxSms - ok
10:42:56.0976 5508 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
10:42:57.0044 5508 vds - ok
10:42:57.0094 5508 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:42:57.0116 5508 vga - ok
10:42:57.0170 5508 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
10:42:57.0172 5508 VgaSave - ok
10:42:57.0228 5508 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
10:42:57.0230 5508 viaagp - ok
10:42:57.0279 5508 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
10:42:57.0305 5508 ViaC7 - ok
10:42:57.0343 5508 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
10:42:57.0361 5508 viaide - ok
10:42:57.0542 5508 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files\Viewpoint\Common\ViewpointService.exe
10:42:57.0568 5508 Viewpoint Manager Service - ok
10:42:57.0610 5508 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:42:57.0646 5508 volmgr - ok
10:42:57.0721 5508 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:42:57.0768 5508 volmgrx - ok
10:42:57.0831 5508 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:42:57.0857 5508 volsnap - ok
10:42:57.0917 5508 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:42:57.0941 5508 vsmraid - ok
10:42:58.0211 5508 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
10:42:58.0337 5508 VSS - ok
10:42:58.0487 5508 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
10:42:58.0541 5508 W32Time - ok
10:42:58.0651 5508 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:42:58.0679 5508 WacomPen - ok
10:42:58.0730 5508 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
10:42:58.0753 5508 Wanarp - ok
10:42:58.0821 5508 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:42:58.0823 5508 Wanarpv6 - ok
10:42:59.0062 5508 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
10:42:59.0133 5508 WcesComm - ok
10:42:59.0288 5508 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:42:59.0324 5508 wcncsvc - ok
10:42:59.0368 5508 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:42:59.0387 5508 WcsPlugInService - ok
10:42:59.0444 5508 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
10:42:59.0446 5508 Wd - ok
10:42:59.0593 5508 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:42:59.0609 5508 Wdf01000 - ok
10:42:59.0674 5508 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:42:59.0703 5508 WdiServiceHost - ok
10:42:59.0722 5508 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:42:59.0733 5508 WdiSystemHost - ok
10:42:59.0777 5508 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
10:42:59.0787 5508 WebClient - ok
10:42:59.0870 5508 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
10:42:59.0881 5508 Wecsvc - ok
10:42:59.0903 5508 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:42:59.0910 5508 wercplsupport - ok
10:42:59.0942 5508 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
10:42:59.0956 5508 WerSvc - ok
10:43:00.0131 5508 [ 317DC24899AD7A06E3430BF45F292989 ] winachsf C:\Windows\system32\DRIVERS\HSF_CNXT.sys
10:43:00.0181 5508 winachsf - ok
10:43:00.0605 5508 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:43:00.0611 5508 WinDefend - ok
10:43:00.0635 5508 WinHttpAutoProxySvc - ok
10:43:00.0790 5508 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:43:00.0794 5508 Winmgmt - ok
10:43:00.0885 5508 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
10:43:00.0930 5508 WinRM - ok
10:43:01.0026 5508 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:43:01.0043 5508 Wlansvc - ok
10:43:01.0145 5508 [ 20263DAFD033D30F151BB87568386769 ] WmcCds c:\program files\windows media connect\mswmccds.exe
10:43:01.0158 5508 WmcCds - ok
10:43:01.0217 5508 [ 1DD015A69235DCFAE18B5F98FB50BE23 ] WmcCdsLs C:\Program Files\Windows Media Connect\mswmcls.exe
10:43:01.0218 5508 WmcCdsLs - ok
10:43:01.0274 5508 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:43:01.0276 5508 WmiAcpi - ok
10:43:01.0366 5508 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:43:01.0370 5508 wmiApSrv - ok
10:43:01.0475 5508 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:43:01.0497 5508 WMPNetworkSvc - ok
10:43:01.0540 5508 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:43:01.0550 5508 WPCSvc - ok
10:43:01.0589 5508 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:43:01.0596 5508 WPDBusEnum - ok
10:43:01.0647 5508 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
10:43:01.0650 5508 WpdUsb - ok
10:43:01.0680 5508 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:43:01.0704 5508 ws2ifsl - ok
10:43:01.0738 5508 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\system32\wscsvc.dll
10:43:01.0746 5508 wscsvc - ok
10:43:01.0754 5508 WSearch - ok
10:43:01.0917 5508 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
10:43:01.0966 5508 wuauserv - ok
10:43:02.0050 5508 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:43:02.0074 5508 WUDFRd - ok
10:43:02.0124 5508 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:43:02.0131 5508 wudfsvc - ok
10:43:02.0302 5508 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
10:43:02.0321 5508 YahooAUService - ok
10:43:02.0374 5508 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
10:43:02.0380 5508 yukonwlh - ok
10:43:02.0408 5508 ================ Scan global ===============================
10:43:02.0460 5508 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
10:43:02.0510 5508 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
10:43:02.0543 5508 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
10:43:02.0596 5508 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
10:43:02.0611 5508 [Global] - ok
10:43:02.0616 5508 ================ Scan MBR ==================================
10:43:02.0639 5508 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:43:03.0020 5508 \Device\Harddisk0\DR0 - ok
10:43:03.0024 5508 ================ Scan VBR ==================================
10:43:03.0029 5508 [ 134A90992882132C9206EBFF5AA9E3D8 ] \Device\Harddisk0\DR0\Partition1
10:43:03.0031 5508 \Device\Harddisk0\DR0\Partition1 - ok
10:43:03.0035 5508 ============================================================
10:43:03.0035 5508 Scan finished
10:43:03.0035 5508 ============================================================
10:43:03.0063 4292 Detected object count: 0
10:43:03.0063 4292 Actual detected object count: 0
10:44:22.0880 2164 Deinitialize success

---------------------------------------------------------
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-09 10:52:45
-----------------------------
10:52:45.318 OS Version: Windows 6.0.6000
10:52:45.318 Number of processors: 1 586 0xE08
10:52:45.318 ComputerName: VALUED-11599CE5 UserName: Luis Sanchez
10:52:48.671 Initialze error C000010E - driver not loaded
10:52:52.175 AVAST engine defs: 12090900
10:53:08.859 Scan error: Incorrect function.
10:54:56.008 The log file has been saved successfully to "C:\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-09 10:52:19
-----------------------------
10:52:19.551 OS Version: Windows 6.0.6000
10:52:19.551 Number of processors: 1 586 0xE08
10:52:19.551 ComputerName: VALUED-11599CE5 UserName: Luis Sanchez
10:52:44.645 Initialize success
10:52:52.050 AVAST engine defs: 12090900
13:38:28.414 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
13:38:28.430 Disk 0 Vendor: TOSHIBA_MK8032GSX AS111G Size: 76319MB BusType: 3
13:38:28.430 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006f
13:38:28.430 Disk 1 Vendor: ( Size: 76319MB BusType: 0
13:38:28.430 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000070
13:38:28.445 Disk 2 Vendor: ( Size: 76319MB BusType: 0
13:38:28.492 Disk 0 MBR read successfully
13:38:28.492 Disk 0 MBR scan
13:38:28.633 Disk 0 Windows VISTA default MBR code
13:38:28.664 Disk 0 Partition 1 00 12 Compaq diag NTFS 5592 MB offset 63
13:38:28.680 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 70723 MB offset 11454345
13:38:28.695 Disk 0 scanning sectors +156296385
13:38:28.836 Disk 0 scanning C:\Windows\system32\drivers
13:38:48.889 Service scanning
13:39:23.050 Modules scanning
13:39:43.216 Disk 0 trace - called modules:
13:39:43.263 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
13:39:43.263 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84bd7400]
13:39:43.278 3 ntkrnlpa.exe[820b07e2] -> nt!IofCallDriver -> [0x8443a928]
13:39:43.278 5 acpi.sys[8046932a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x844383a8]
13:39:45.564 AVAST engine scan C:\Windows
13:40:03.800 AVAST engine scan C:\Windows\system32
13:42:56.218 AVAST engine scan C:\Windows\system32\drivers
13:43:26.530 AVAST engine scan C:\Users\Luis Sanchez
13:47:46.234 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
13:47:46.250 The log file has been saved successfully to "C:\aswMBR.txt"

----------------------------------------------------------------------------------------
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll Win32/Adware.Agent.NJT application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\Reactivate.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\ToolbarBroker.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll probably a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll probably a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\AppData\Local\Temp\NOD8E3F.tmp a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\AppData\Local\Temp\ICReinstall\cnet_Setup_FreeBurner_exe(1).exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\AppData\Local\Temp\ICReinstall\cnet_Setup_FreeBurner_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\AppData\Local\Temp\is1598539481\2998870_Setup.DAT Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\AppData\Local\Temp\is1598539481\3232989_Setup.DAT Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\AppData\Local\Temp\is1598539481\zgInstaller.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\Downloads\cnet_Setup_FreeBurner_exe(1).exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\Downloads\Setup_FreeBurner(1).exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\Downloads\Setup_FreeBurner.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Luis Sanchez\Downloads\Documents\me 07-22-2011.scr a variant of Win32/Injector.NMD trojan deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RGW2EA4\updater-startnow-200-2.5-d[1].exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined

#4 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 09 September 2012 - 07:33 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 BNN

  • Topic Starter

  • Members
  • 72 posts

Posted 10 September 2012 - 06:36 PM

hello
MBAM scan resulted in no infection found
mini toolbox:
MiniToolBox by Farbar Version: 23-07-2012
Ran by Luis Sanchez (administrator) on 10-09-2012 at 19:14:39
Microsoft® Windows Vista™ Home Premium (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:6092

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface luid=loopback_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_1 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_2 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_4 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=wireless_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_6 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : VALUED-11599CE5
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mbdaitalia.it

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : mbdaitalia.it
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-18-DE-77-6F-6B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::159:87af:7235:c6fa%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, September 10, 2012 6:20:58 PM
Lease Expires . . . . . . . . . . : Tuesday, September 11, 2012 6:20:58 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 184555742
DNS Servers . . . . . . . . . . . : 216.181.31.11
216.181.30.11
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-13-A9-7E-87-36
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection*:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{C2D9FF1D-CCE1-4BB1-8999-5D1BFB9E5C7A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1479:13a:3f57:fe96(Preferred)
Link-local IPv6 Address . . . . . : fe80::1479:13a:3f57:fe96%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{DB323396-F134-409A-906E-6580CC6D72A9}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.mbdaitalia.it
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.mbdaitalia.it
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Connection-specific DNS Suffix . : mbdaitalia.it
Description . . . . . . . . . . . : isatap.mbdaitalia.it
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.105%30(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 216.181.31.11
216.181.30.11
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: nj3dns.bw.iprimus.net
Address: 216.181.31.11:53

Name: google.com
Addresses: 74.125.139.101, 74.125.139.102, 74.125.139.113, 74.125.139.138
74.125.139.139, 74.125.139.100



Pinging google.com [74.125.139.100] with 32 bytes of data:



Reply from 74.125.139.100: bytes=32 time=27ms TTL=45

Reply from 74.125.139.100: bytes=32 time=36ms TTL=45



Ping statistics for 74.125.139.100:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 27ms, Maximum = 36ms, Average = 31ms

Server: nj3dns.bw.iprimus.net
Address: 216.181.31.11:53

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=91ms TTL=46

Reply from 98.139.183.24: bytes=32 time=131ms TTL=47



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 91ms, Maximum = 131ms, Average = 111ms

Server: nj3dns.bw.iprimus.net
Address: 216.181.31.11:53

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
8 ...00 18 de 77 6f 6b ...... Intel® PRO/Wireless 3945ABG Network Connection
7 ...00 13 a9 7e 87 36 ...... Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.{C2D9FF1D-CCE1-4BB1-8999-5D1BFB9E5C7A}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
16 ...00 00 00 00 00 00 00 e0 isatap.{DB323396-F134-409A-906E-6580CC6D72A9}
17 ...00 00 00 00 00 00 00 e0 isatap.mbdaitalia.it
19 ...00 00 00 00 00 00 00 e0 isatap.mbdaitalia.it
30 ...00 00 00 00 00 00 00 e0 isatap.mbdaitalia.it
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.105 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.105 281
192.168.1.105 255.255.255.255 On-link 192.168.1.105 281
192.168.1.255 255.255.255.255 On-link 192.168.1.105 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.105 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.105 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:4137:9e76:1479:13a:3f57:fe96/128
On-link
8 281 fe80::/64 On-link
10 266 fe80::/64 On-link
30 286 fe80::5efe:192.168.1.105/128
On-link
8 281 fe80::159:87af:7235:c6fa/128
On-link
10 266 fe80::1479:13a:3f57:fe96/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
8 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [227328] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/09/2012 09:03:13 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log.

Error: (09/09/2012 09:54:51 AM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 15.0.1.4631, time stamp 0x5047f9c5, faulting module xul.dll, version 15.0.1.4631, time stamp 0x5047f93b, exception code 0xc0000005, fault offset 0x0010e567,
process id 0x244, application start time 0xfirefox.exe0.

Error: (09/08/2012 09:02:46 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log.

Error: (09/07/2012 09:01:17 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log.

Error: (09/06/2012 09:01:55 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log.

Error: (09/05/2012 09:02:49 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log.

Error: (09/04/2012 09:02:01 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log.

Error: (09/04/2012 01:34:32 PM) (Source: Application Error) (User: )
Description: Faulting application MsiExec.exe, version 4.0.6000.16386, time stamp 0x4549af77, faulting module MSIFCEA.tmp, version 4.0.1.2101, time stamp 0x429cd2f6, exception code 0xc0000005, fault offset 0x0002d121,
process id 0x16f8, application start time 0xMsiExec.exe0.

Error: (09/04/2012 01:34:27 PM) (Source: Application Error) (User: )
Description: Faulting application MsiExec.exe, version 4.0.6000.16386, time stamp 0x4549af77, faulting module MSIFCEA.tmp, version 4.0.1.2101, time stamp 0x429cd2f6, exception code 0xc0000005, fault offset 0x00033828,
process id 0x16f8, application start time 0xMsiExec.exe0.

Error: (09/04/2012 01:25:41 PM) (Source: Application Error) (User: )
Description: Faulting application BtStackServer.exe, version 4.0.1.2101, time stamp 0x429cd6e1, faulting module btins.dll, version 6.0.6000.16386, time stamp 0x4549bdc9, exception code 0xc0000135, fault offset 0x00008fc7,
process id 0x132c, application start time 0xBtStackServer.exe0.


System errors:
=============
Error: (09/10/2012 07:15:16 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2

Error: (09/10/2012 07:15:15 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2

Error: (09/10/2012 07:15:14 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2

Error: (09/10/2012 07:15:14 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2

Error: (09/10/2012 07:15:13 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2

Error: (09/10/2012 07:15:13 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2

Error: (09/10/2012 07:15:12 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2

Error: (09/10/2012 07:15:12 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2

Error: (09/10/2012 07:15:11 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2

Error: (09/10/2012 07:15:11 PM) (Source: Service Control Manager) (User: )
Description: The Secunia Update Agent service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (09/09/2012 09:03:13 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}1603C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log(NULL)

Error: (09/09/2012 09:54:51 AM) (Source: Application Error)(User: )
Description: firefox.exe15.0.1.46315047f9c5xul.dll15.0.1.46315047f93bc00000050010e56724401cd8e83648e34e8

Error: (09/08/2012 09:02:46 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}1603C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log(NULL)

Error: (09/07/2012 09:01:17 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}1603C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log(NULL)

Error: (09/06/2012 09:01:55 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}1603C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log(NULL)

Error: (09/05/2012 09:02:49 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}1603C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log(NULL)

Error: (09/04/2012 09:02:01 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}1603C:\Windows\TEMP\NDP1.1sp1-KB953297-X86\NDP1.1sp1-KB953297-X86-msi.0.log(NULL)

Error: (09/04/2012 01:34:32 PM) (Source: Application Error)(User: )
Description: MsiExec.exe4.0.6000.163864549af77MSIFCEA.tmp4.0.1.2101429cd2f6c00000050002d12116f801cd8ac244dd7b3b

Error: (09/04/2012 01:34:27 PM) (Source: Application Error)(User: )
Description: MsiExec.exe4.0.6000.163864549af77MSIFCEA.tmp4.0.1.2101429cd2f6c00000050003382816f801cd8ac244dd7b3b

Error: (09/04/2012 01:25:41 PM) (Source: Application Error)(User: )
Description: BtStackServer.exe4.0.1.2101429cd6e1btins.dll6.0.6000.163864549bdc9c000013500008fc7132c01cd8ac24d1ae75c


=========================== Installed Programs ============================

1400 (Version: 82.0.242.000)
1400_Help (Version: 82.0.242.000)
1400Trb (Version: 82.0.242.000)
32 Bit HP CIO Components Installer (Version: 7.1.8)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Shockwave Player 11 (Version: 11)
AIM 6
AIO_CDB_ProductContext (Version: 82.0.242.000)
AIO_CDB_Software (Version: 82.0.242.000)
AIO_Scan (Version: 82.0.173.000)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar Updater (Version: 1.2.0.19709)
avast! Free Antivirus (Version: 7.0.1466.0)
Bonjour (Version: 3.0.0.10)
Browser Highlighter - Firefox (Version: 1.0.16601.2)
BufferChm (Version: 82.0.173.000)
Burn4Free CD and DVD
Burn4Free Toolbar (Version: 3.3.0.3)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copy (Version: 120.0.214.000)
Creative MediaSource
Creative MuVo N200 Media Explorer
CustomerResearchQFolder (Version: 1.00.0000)
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 110.0.180.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 8.1.0.0)
DocProcQFolder (Version: 1.00.0000)
Drivers Install For Linksys Easylink Advisor (Version: 2.0.9)
Emsisoft Anti-Malware 5.1 (Version: 5.1)
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 120.0.194.000)
Foxit Reader (Version: 4.3.1.323)
Free Easy Burner V 5.1 (Version: 5.1.0.0)
GNU Backgammon (MAIN branch, 20091230 code)
Google Chrome (Version: 21.0.1180.89)
Google Earth (Version: 6.2.2.6613)
Google SketchUp 6 (Version: 6.0.01313)
Google SketchUp 6 (Version: 6.4.112)
Google Update Helper (Version: 1.3.21.115)
HiJackThis (Version: 1.0.0)
HP Customer Participation Program 8.0 (Version: 8.0)
HP Imaging Device Functions 8.0 (Version: 8.0)
HP OCR Software 8.0 (Version: 8.0)
HP Photosmart Essential (Version: 1.12.0.46)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0)
HP Product Assistant (Version: 100.000.001.000)
HP Solution Center 8.0 (Version: 8.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPProductAssistant (Version: 82.0.173.000)
HPSSupply (Version: 2.1.3.0000)
ImageStation (Version: 1.0.0)
ImgBurn (Version: 2.5.7.0)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4543)
Intel® PROSet/Wireless Software (Version: 10.5.0.0 API)
IrfanView (remove only) (Version: 4.27)
ISScript (Version: 3.00.185)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Linksys EasyLink Advisor 1.6 (0044)
LiveUpdate 2.7 (Symantec Corporation) (Version: 2.7.39.0)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
Macromedia Flash Player 8 (Version: 8.0.24.0)
Macromedia Flash Player 8 Plugin (Version: 8.0.24.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 82.0.174.000)
mCore (Version: 7.00.0000)
mDriver (Version: 7.00.0000)
Meade Astronomical Software
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Data Access Components KB870669
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Digital Image Starter Edition 2006 (Version: 11.0.0422)
Microsoft Digital Image Starter Edition 2006 Editor (Version: 11.0.0422)
Microsoft Digital Image Starter Edition 2006 Library (Version: 11.0.0422)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
mMHouse (Version: 7.00.0000)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
mPfMgr (Version: 7.00.0000)
mProSafe (Version: 9.00.0000)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MuVo Driver
mWlsSafe (Version: 9.00.0000)
mXML (Version: 7.00.0000)
Office 2003 Trial Assistant (Version: 1.0.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Quicken 2006 (Version: 15.1.4.5)
QuickTime (Version: 7.71.80.42)
Scan (Version: 8.1.0.0)
Search Enhancement by AOL Search
Secunia PSI (2.0.0.3001)
Skype™ 5.5 (Version: 5.5.124)
Soft Data Fax Modem with SmartCP
SolutionCenter (Version: 82.0.188.000)
Sonic Encoders (Version: 1.00)
Sony Certificate PCH
SpywareBlaster 4.4 (Version: 4.4.0)
StartNow Toolbar (Version: 2.5.0)
Status (Version: 110.0.180.000)
Symantec KB-DocID:2003093015493306 (Version: 1.0.0.1)
Toolbox (Version: 82.0.173.000)
TrayApp (Version: 110.0.180.000)
UnloadSupport (Version: 1.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
USB 2.0 Video Camera (Version: 0.1.0114.05)
VAIO Breeze Wallpaper (Version: 1.0.01.13200)
VAIO Light Flo Wallpaper
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
Viewpoint Media Player
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 82.0.173.000)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Connect
Windows Media Connect (Version: 1.0.0.0)
Windows Mobile® Device Handbook (Version: 1.0)
Windows Searchqu Toolbar (Version: 3.0.0.112202)
WinPatrol (Version: 20.0.2011.2)
Xvid 1.2.1 final uninstall (Version: 1.2)
Yahoo! Browser Services
Yahoo! BrowserPlus 2.9.8
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 1525.56 MB
Available physical RAM: 505.22 MB
Total Pagefile: 3505.4 MB
Available Pagefile: 2413.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.21 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:69.07 GB) (Free:18.56 GB) NTFS

========================= Users: ========================================

User accounts for \\VALUED-11599CE5

Administrator ASPNET Guest
HelpAssistant Luis Sanchez SUPPORT_388945a0


**** End of log ****
FSS:
Farbar Service Scanner Version: 06-08-2012
Ran by Luis Sanchez (administrator) on 10-09-2012 at 19:19:20
Running from "C:\Users\Luis Sanchez\Downloads"
Microsoft® Windows Vista™ Home Premium (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2008-03-07 04:33] - [2008-03-07 04:33] - 0265912 ____A (Microsoft Corporation) 0D5AD0E71FF5DDAC5DD2F443B499ABD0

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
AD
# AdwCleaner v2.001 - Logfile created 09/10/2012 at 19:21:53
# Updated 09/09/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium (32 bits)
# User : Luis Sanchez - VALUED-11599CE5
# Boot Mode : Normal
# Running from : C:\Users\Luis Sanchez\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml
File Deleted : C:\Users\Luis Sanchez\AppData\Roaming\Mozilla\Firefox\Profiles\0n1ikcjv.default\searchplugins\Search_Results.xml
File Deleted : C:\Users\Luis Sanchez\AppData\Roaming\Mozilla\Firefox\Profiles\0n1ikcjv.default\searchplugins\SearchResults.xml
File Deleted : C:\Users\LUISSA~1\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\LUISSA~1\AppData\Local\Temp\searchqutoolbar-manifest.xml
File Deleted : C:\Users\LUISSA~1\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Folder Deleted : C:\Program Files\Searchqu Toolbar
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Windows Searchqu Toolbar
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Luis Sanchez\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Luis Sanchez\AppData\Roaming\Mozilla\Firefox\Profiles\0n1ikcjv.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
Folder Deleted : C:\Users\Luis Sanchez\AppData\Roaming\Mozilla\Firefox\Profiles\0n1ikcjv.default\Searchqutoolbar
Folder Deleted : C:\Users\LUISSA~1\AppData\Local\Temp\AskSearch

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dlldll
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu 0 MediaBar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\StartNow Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\StartNow Toolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 0 MediaBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18904

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Luis Sanchez\AppData\Roaming\Mozilla\Firefox\Profiles\0n1ikcjv.default\prefs.js

C:\Users\Luis Sanchez\AppData\Roaming\Mozilla\Firefox\Profiles\0n1ikcjv.default\user.js ... Deleted !

Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=421&sr=0&q=");
Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.install_folder", "C:\\Program Files\\StartNow Tool[...]
Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar");
Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "lf.startnow.com");

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Luis Sanchez\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.11] : homepage = "hxxp://www.searchnu.com/421",
Deleted [l.62] : search_url = "hxxp://www.searchqu.com//web?src=crb&appid=0&systemid=421&sr=0&q={searchTerms}",
Deleted [l.1232] : homepage = "hxxp://www.searchnu.com/421",

*************************

AdwCleaner[S1].txt - [8833 octets] - [10/09/2012 19:21:53]

########## EOF - C:\AdwCleaner[S1].txt - [8893 octets] ##########

#6 narenxp

Posted 10 September 2012 - 09:07 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

Any current issues?

#7 BNN

Posted 10 September 2012 - 09:16 PM

Hi
I have not seen the widdit search anymore.
The laptop crashed once after start up.

rkill
Rkill 2.3.11 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/10/2012 10:13:10 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.bat "@" exists and is set to batfile!
* HKCU\SOFTWARE\Classes\.bat has been deleted!

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/10/2012 10:13:21 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

#8 narenxp

Posted 10 September 2012 - 09:19 PM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently; do not click on suspicious links.

Safe surfing :)

#9 BNN

Posted 11 September 2012 - 06:42 PM

Hi
I did everything but run TFC: it locked up in safe mode as well, after a while.
Could you tell me what the effect of widdit is, other than being annoying? Thanks again.

#10 narenxp

Posted 11 September 2012 - 06:46 PM

Use this tool to remove temporary files

http://majorgeeks.com/ATF_Cleaner_d4949.html

"Could you tell me what the effect of widdit is, other than being annoying? Thanks again."

It could redirect you to webpages that can probably infect you.

#11 BNN

Posted 12 September 2012 - 06:21 AM

Done, thanks.
Do you recommend doing this cleaning periodically?

#12 narenxp

Posted 12 September 2012 - 09:18 AM

Not needed. Run frequent scans with your antivirus.

safe surfing :)



