Viruses, random saves, and other oddities


11 replies to this topic

#1 FakeMoustache


Posted 23 September 2012 - 09:23 AM

First, thank you for this site. I'm really at my wits' end. I hope my horrid computer skills/knowledge aren't too comical.

My adventure began about a week ago. I was surfing the Internet and noticed some strange things happening; it was much slower than usual, IE would terminate for no reason, and finally, I began getting an insistent prompt to "update" my Adobe Acrobat, as well as McAfee notices that Artemis and ZeroAccess were being blocked. I didn't click anything; I unplugged the Internet and ran a scan for viruses. McAfee found something called "Pinkslipbot.mem." It couldn't remove it, so I went to their forum and was directed to try Malwarebytes.

That found 0Access (is that the same as Zero Access?) and Sirefef and claimed to remove them, but no mention of Pinkslipbot. I ran McAfee again (and then Malwarebytes, and then Stinger), and this time all scans came back clean. They're still coming back clean, but my computer is still doing strange things, too. The virus-removal software is working fine, the programs I've tried work fine, I can access the Internet, I can boot in Safe Mode... but the thing is, when I try to delete my browsing history, said browsing history is instead saved in Temporary Internet Files under files with bizarre all-caps names (I stopped using the "Delete Browsing History" and instead have been clearing out my cookies and such manually). I can still run Stinger, but when it scans for rootkits, the report is giving me the message "Not Scanned" instead of "Clean." I'm also getting a prompt to update Java, although that could be legit (I do really need to update it and I've been afraid to execute anything since this started, for fear it'll make things worse).

Now, I do use this computer for banking (I called and had my passwords changed over the phone as soon as the computer began acting funny), and I've been told by several the only way it'll really be safe for that again is to do a total wipe and reinstall everything. I will if I have to, but I'd rather not go that far. I'm not an expert (blazes, I'm not even a skilled novice), so any suggestions?

EDIT: I'm sorry, I got so worked up I forgot. I'm using Windows Vista.

Edited by FakeMoustache, 23 September 2012 - 09:26 AM.



 


#2 narenxp


Posted 23 September 2012 - 09:26 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 FakeMoustache


Posted 23 September 2012 - 09:14 PM

ESET also found something called Kryptic.

TDSSKiller log:

18:22:04.0352 5336 NVENETFD - ok
18:22:04.0582 5336 [ 09F5E33F91E186037262355B0BA72913 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:22:04.0720 5336 nvlddmkm - ok
18:22:04.0762 5336 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:22:04.0765 5336 nvraid - ok
18:22:04.0794 5336 [ 5DD1242CABC1EF8DCE4438D72D72A436 ] nvrd32 C:\Windows\system32\drivers\nvrd32.sys
18:22:04.0797 5336 nvrd32 - ok
18:22:04.0824 5336 [ 62754E376185EACBB73D06FEA0FFC54A ] nvsmu C:\Windows\system32\drivers\nvsmu.sys
18:22:04.0826 5336 nvsmu - ok
18:22:04.0847 5336 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:22:04.0849 5336 nvstor - ok
18:22:04.0883 5336 [ BB4DD678706510D9249EED1DA0219900 ] nvstor32 C:\Windows\system32\drivers\nvstor32.sys
18:22:04.0885 5336 nvstor32 - ok
18:22:04.0921 5336 [ F531F9B76E3E2595049F145160D280DE ] nvsvc C:\Windows\system32\nvvsvc.exe
18:22:04.0926 5336 nvsvc - ok
18:22:04.0950 5336 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:22:04.0953 5336 nv_agp - ok
18:22:04.0968 5336 NwlnkFlt - ok
18:22:04.0983 5336 NwlnkFwd - ok
18:22:05.0015 5336 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:22:05.0016 5336 ohci1394 - ok
18:22:05.0066 5336 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:22:05.0069 5336 ose - ok
18:22:05.0192 5336 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:22:05.0250 5336 osppsvc - ok
18:22:05.0297 5336 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:22:05.0308 5336 p2pimsvc - ok
18:22:05.0326 5336 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
18:22:05.0336 5336 p2psvc - ok
18:22:05.0367 5336 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
18:22:05.0373 5336 Parport - ok
18:22:05.0408 5336 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:22:05.0410 5336 partmgr - ok
18:22:05.0426 5336 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:22:05.0428 5336 Parvdm - ok
18:22:05.0459 5336 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
18:22:05.0462 5336 PcaSvc - ok
18:22:05.0491 5336 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
18:22:05.0494 5336 pci - ok
18:22:05.0518 5336 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
18:22:05.0522 5336 pciide - ok
18:22:05.0548 5336 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:22:05.0552 5336 pcmcia - ok
18:22:05.0595 5336 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:22:05.0608 5336 PEAUTH - ok
18:22:05.0695 5336 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
18:22:05.0718 5336 pla - ok
18:22:05.0758 5336 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:22:05.0765 5336 PlugPlay - ok
18:22:05.0804 5336 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:22:05.0812 5336 PNRPAutoReg - ok
18:22:05.0833 5336 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:22:05.0842 5336 PNRPsvc - ok
18:22:05.0868 5336 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:22:05.0880 5336 PolicyAgent - ok
18:22:05.0925 5336 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:22:05.0927 5336 PptpMiniport - ok
18:22:05.0947 5336 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
18:22:05.0951 5336 Processor - ok
18:22:05.0972 5336 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
18:22:05.0977 5336 ProfSvc - ok
18:22:05.0997 5336 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:22:06.0002 5336 ProtectedStorage - ok
18:22:06.0035 5336 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:22:06.0038 5336 PSched - ok
18:22:06.0092 5336 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:22:06.0109 5336 ql2300 - ok
18:22:06.0133 5336 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:22:06.0136 5336 ql40xx - ok
18:22:06.0167 5336 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
18:22:06.0174 5336 QWAVE - ok
18:22:06.0194 5336 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:22:06.0196 5336 QWAVEdrv - ok
18:22:06.0217 5336 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:22:06.0219 5336 RasAcd - ok
18:22:06.0246 5336 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
18:22:06.0250 5336 RasAuto - ok
18:22:06.0267 5336 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:22:06.0270 5336 Rasl2tp - ok
18:22:06.0342 5336 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
18:22:06.0349 5336 RasMan - ok
18:22:06.0375 5336 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:22:06.0377 5336 RasPppoe - ok
18:22:06.0414 5336 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:22:06.0425 5336 RasSstp - ok
18:22:06.0461 5336 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:22:06.0475 5336 rdbss - ok
18:22:06.0490 5336 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:22:06.0491 5336 RDPCDD - ok
18:22:06.0524 5336 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:22:06.0529 5336 rdpdr - ok
18:22:06.0544 5336 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:22:06.0545 5336 RDPENCDD - ok
18:22:06.0587 5336 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:22:06.0592 5336 RDPWD - ok
18:22:06.0649 5336 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:22:06.0652 5336 RemoteAccess - ok
18:22:06.0686 5336 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:22:06.0691 5336 RemoteRegistry - ok
18:22:06.0711 5336 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:22:06.0713 5336 RpcLocator - ok
18:22:06.0761 5336 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
18:22:06.0768 5336 RpcSs - ok
18:22:06.0790 5336 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:22:06.0792 5336 rspndr - ok
18:22:06.0807 5336 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
18:22:06.0810 5336 SamSs - ok
18:22:06.0834 5336 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:22:06.0839 5336 sbp2port - ok
18:22:06.0872 5336 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:22:06.0876 5336 SCardSvr - ok
18:22:06.0922 5336 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
18:22:06.0932 5336 Schedule - ok
18:22:06.0951 5336 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:22:06.0953 5336 SCPolicySvc - ok
18:22:06.0990 5336 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:22:06.0995 5336 SDRSVC - ok
18:22:07.0013 5336 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:22:07.0015 5336 secdrv - ok
18:22:07.0039 5336 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
18:22:07.0042 5336 seclogon - ok
18:22:07.0064 5336 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
18:22:07.0068 5336 SENS - ok
18:22:07.0094 5336 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:22:07.0096 5336 Serenum - ok
18:22:07.0119 5336 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:22:07.0124 5336 Serial - ok
18:22:07.0151 5336 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:22:07.0153 5336 sermouse - ok
18:22:07.0198 5336 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
18:22:07.0203 5336 SessionEnv - ok
18:22:07.0223 5336 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:22:07.0225 5336 sffdisk - ok
18:22:07.0243 5336 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:22:07.0245 5336 sffp_mmc - ok
18:22:07.0267 5336 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:22:07.0268 5336 sffp_sd - ok
18:22:07.0291 5336 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:22:07.0293 5336 sfloppy - ok
18:22:07.0335 5336 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:22:07.0346 5336 SharedAccess - ok
18:22:07.0386 5336 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:22:07.0392 5336 ShellHWDetection - ok
18:22:07.0423 5336 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:22:07.0425 5336 sisagp - ok
18:22:07.0448 5336 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:22:07.0450 5336 SiSRaid2 - ok
18:22:07.0474 5336 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:22:07.0477 5336 SiSRaid4 - ok
18:22:07.0607 5336 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
18:22:07.0678 5336 slsvc - ok
18:22:07.0735 5336 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:22:07.0738 5336 SLUINotify - ok
18:22:07.0770 5336 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:22:07.0772 5336 Smb - ok
18:22:07.0815 5336 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:22:07.0818 5336 SNMPTRAP - ok
18:22:07.0864 5336 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
18:22:07.0866 5336 spldr - ok
18:22:07.0906 5336 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
18:22:07.0909 5336 Spooler - ok
18:22:07.0944 5336 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:22:07.0950 5336 srv - ok
18:22:08.0016 5336 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:22:08.0020 5336 srv2 - ok
18:22:08.0053 5336 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:22:08.0056 5336 srvnet - ok
18:22:08.0084 5336 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:22:08.0089 5336 SSDPSRV - ok
18:22:08.0106 5336 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:22:08.0117 5336 SstpSvc - ok
18:22:08.0173 5336 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
18:22:08.0188 5336 stisvc - ok
18:22:08.0224 5336 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:22:08.0229 5336 swenum - ok
18:22:08.0263 5336 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
18:22:08.0270 5336 swprv - ok
18:22:08.0289 5336 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:22:08.0291 5336 Symc8xx - ok
18:22:08.0312 5336 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:22:08.0313 5336 Sym_hi - ok
18:22:08.0336 5336 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:22:08.0338 5336 Sym_u3 - ok
18:22:08.0382 5336 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
18:22:08.0393 5336 SysMain - ok
18:22:08.0428 5336 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:22:08.0435 5336 TabletInputService - ok
18:22:08.0486 5336 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:22:08.0492 5336 TapiSrv - ok
18:22:08.0532 5336 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
18:22:08.0535 5336 TBS - ok
18:22:08.0589 5336 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:22:08.0601 5336 Tcpip - ok
18:22:08.0625 5336 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:22:08.0634 5336 Tcpip6 - ok
18:22:08.0665 5336 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:22:08.0666 5336 tcpipreg - ok
18:22:08.0705 5336 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:22:08.0706 5336 TDPIPE - ok
18:22:08.0736 5336 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:22:08.0737 5336 TDTCP - ok
18:22:08.0763 5336 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:22:08.0771 5336 tdx - ok
18:22:08.0809 5336 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:22:08.0811 5336 TermDD - ok
18:22:08.0861 5336 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
18:22:08.0869 5336 TermService - ok
18:22:08.0903 5336 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
18:22:08.0908 5336 Themes - ok
18:22:08.0938 5336 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
18:22:08.0941 5336 THREADORDER - ok
18:22:08.0974 5336 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
18:22:08.0980 5336 TrkWks - ok
18:22:09.0034 5336 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:22:09.0036 5336 TrustedInstaller - ok
18:22:09.0072 5336 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:22:09.0074 5336 tssecsrv - ok
18:22:09.0094 5336 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:22:09.0097 5336 tunmp - ok
18:22:09.0130 5336 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:22:09.0132 5336 tunnel - ok
18:22:09.0157 5336 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:22:09.0159 5336 uagp35 - ok
18:22:09.0197 5336 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:22:09.0202 5336 udfs - ok
18:22:09.0247 5336 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:22:09.0252 5336 UI0Detect - ok
18:22:09.0277 5336 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:22:09.0279 5336 uliagpkx - ok
18:22:09.0307 5336 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:22:09.0312 5336 uliahci - ok
18:22:09.0329 5336 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:22:09.0333 5336 UlSata - ok
18:22:09.0354 5336 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:22:09.0357 5336 ulsata2 - ok
18:22:09.0378 5336 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:22:09.0382 5336 umbus - ok
18:22:09.0404 5336 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
18:22:09.0411 5336 upnphost - ok
18:22:09.0450 5336 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:22:09.0452 5336 usbccgp - ok
18:22:09.0474 5336 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:22:09.0480 5336 usbcir - ok
18:22:09.0528 5336 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:22:09.0530 5336 usbehci - ok
18:22:09.0567 5336 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:22:09.0574 5336 usbhub - ok
18:22:09.0596 5336 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:22:09.0599 5336 usbohci - ok
18:22:09.0627 5336 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:22:09.0628 5336 usbprint - ok
18:22:09.0697 5336 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:22:09.0699 5336 usbscan - ok
18:22:09.0714 5336 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:22:09.0722 5336 USBSTOR - ok
18:22:09.0746 5336 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:22:09.0749 5336 usbuhci - ok
18:22:09.0782 5336 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
18:22:09.0788 5336 UxSms - ok
18:22:09.0827 5336 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
18:22:09.0844 5336 vds - ok
18:22:09.0877 5336 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:22:09.0878 5336 vga - ok
18:22:09.0900 5336 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
18:22:09.0903 5336 VgaSave - ok
18:22:09.0926 5336 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:22:09.0928 5336 viaagp - ok
18:22:09.0953 5336 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:22:09.0959 5336 ViaC7 - ok
18:22:09.0981 5336 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
18:22:09.0984 5336 viaide - ok
18:22:10.0013 5336 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:22:10.0023 5336 volmgr - ok
18:22:10.0064 5336 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:22:10.0073 5336 volmgrx - ok
18:22:10.0116 5336 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:22:10.0121 5336 volsnap - ok
18:22:10.0145 5336 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:22:10.0149 5336 vsmraid - ok
18:22:10.0185 5336 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
18:22:10.0203 5336 VSS - ok
18:22:10.0234 5336 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
18:22:10.0242 5336 W32Time - ok
18:22:10.0282 5336 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:22:10.0283 5336 WacomPen - ok
18:22:10.0306 5336 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:22:10.0308 5336 Wanarp - ok
18:22:10.0322 5336 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:22:10.0324 5336 Wanarpv6 - ok
18:22:10.0362 5336 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:22:10.0378 5336 wcncsvc - ok
18:22:10.0409 5336 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:22:10.0413 5336 WcsPlugInService - ok
18:22:10.0447 5336 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
18:22:10.0451 5336 Wd - ok
18:22:10.0479 5336 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:22:10.0489 5336 Wdf01000 - ok
18:22:10.0515 5336 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:22:10.0519 5336 WdiServiceHost - ok
18:22:10.0537 5336 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:22:10.0541 5336 WdiSystemHost - ok
18:22:10.0577 5336 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
18:22:10.0585 5336 WebClient - ok
18:22:10.0617 5336 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:22:10.0623 5336 Wecsvc - ok
18:22:10.0655 5336 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:22:10.0666 5336 wercplsupport - ok
18:22:10.0707 5336 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
18:22:10.0712 5336 WerSvc - ok
18:22:10.0765 5336 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:22:10.0771 5336 WinDefend - ok
18:22:10.0794 5336 WinHttpAutoProxySvc - ok
18:22:10.0842 5336 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:22:10.0846 5336 Winmgmt - ok
18:22:10.0898 5336 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
18:22:10.0918 5336 WinRM - ok
18:22:10.0979 5336 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:22:10.0991 5336 Wlansvc - ok
18:22:11.0027 5336 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:22:11.0029 5336 WmiAcpi - ok
18:22:11.0081 5336 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:22:11.0090 5336 wmiApSrv - ok
18:22:11.0159 5336 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:22:11.0173 5336 WMPNetworkSvc - ok
18:22:11.0195 5336 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:22:11.0201 5336 WPCSvc - ok
18:22:11.0238 5336 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:22:11.0243 5336 WPDBusEnum - ok
18:22:11.0330 5336 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:22:11.0342 5336 WPFFontCache_v0400 - ok
18:22:11.0374 5336 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:22:11.0375 5336 ws2ifsl - ok
18:22:11.0410 5336 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
18:22:11.0414 5336 wscsvc - ok
18:22:11.0431 5336 WSearch - ok
18:22:11.0515 5336 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:22:11.0546 5336 wuauserv - ok
18:22:11.0569 5336 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:22:11.0572 5336 WUDFRd - ok
18:22:11.0612 5336 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:22:11.0617 5336 wudfsvc - ok
18:22:11.0636 5336 ================ Scan global ===============================
18:22:11.0670 5336 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:22:11.0712 5336 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:22:11.0734 5336 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:22:11.0766 5336 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:22:11.0771 5336 [Global] - ok
18:22:11.0776 5336 ================ Scan MBR ==================================
18:22:11.0793 5336 [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0
18:22:12.0251 5336 \Device\Harddisk0\DR0 - ok
18:22:12.0255 5336 ================ Scan VBR ==================================
18:22:12.0259 5336 [ 852A8E6F0BCEF261CF0D8EC3A1872919 ] \Device\Harddisk0\DR0\Partition1
18:22:12.0262 5336 \Device\Harddisk0\DR0\Partition1 - ok
18:22:12.0270 5336 [ CA69A6F2B55044237BCCB73EA326A8A0 ] \Device\Harddisk0\DR0\Partition2
18:22:12.0272 5336 \Device\Harddisk0\DR0\Partition2 - ok
18:22:12.0280 5336 ============================================================
18:22:12.0280 5336 Scan finished
18:22:12.0280 5336 ============================================================
18:22:12.0291 2448 Detected object count: 0
18:22:12.0291 2448 Actual detected object count: 0
18:23:28.0790 3400 Deinitialize success

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-23 18:53:53
-----------------------------
18:53:53.954 OS Version: Windows 6.0.6002 Service Pack 2
18:53:53.954 Number of processors: 1 586 0x7F02
18:53:53.956 ComputerName: SANDERSON-PC UserName: Sanderson
18:54:59.593 Initialize success
18:58:43.911 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000053
18:58:43.923 Disk 0 Vendor: SAMSUNG_ 1AC0 Size: 305245MB BusType: 3
18:58:43.954 Disk 0 MBR read successfully
18:58:43.969 Disk 0 MBR scan
18:58:43.972 Disk 0 unknown MBR code
18:58:43.988 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 292868 MB offset 63
18:58:44.048 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 12373 MB offset 599795280
18:58:44.097 Disk 0 scanning sectors +625136400
18:58:44.216 Disk 0 scanning C:\Windows\system32\drivers
18:58:51.778 Service scanning
18:59:02.134 Modules scanning
18:59:07.554 Disk 0 trace - called modules:
18:59:07.569 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
18:59:07.574 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85dbcac8]
18:59:07.579 3 CLASSPNP.SYS[807268b3] -> nt!IofCallDriver -> [0x850d2700]
18:59:07.588 5 acpi.sys[806176bc] -> nt!IofCallDriver -> \Device\00000053[0x84383890]
18:59:07.594 Scan finished successfully
18:59:38.954 Disk 0 MBR has been saved successfully to "C:\Users\Sanderson\Desktop\MBR.dat"
18:59:38.969 The log file has been saved successfully to "C:\Users\Sanderson\Desktop\aswMBR.txt"

ESET Threat List:

C:\Program Files\HP Games\Farm Mania\Farm-WT.exe a variant of Win32/Kryptik.SH trojan cleaned by deleting - quarantined
C:\ProgramData\WildTangent\528821fe-58e4-439c-81de-49f36a16aa12-extr.exe a variant of Win32/Kryptik.SH trojan cleaned by deleting - quarantined

#4 narenxp

Posted 23 September 2012 - 09:36 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download FSS

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 FakeMoustache

Posted 24 September 2012 - 11:39 AM

The result from Mini Toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Sanderson (administrator) on 24-09-2012 at 12:20:02
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Sanderson-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.invalid

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : domain.invalid
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 00-26-18-4A-9E-9C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7ce2:ee1e:2d44:e3aa%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.254.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, September 24, 2012 12:14:10 PM
Lease Expires . . . . . . . . . . : Thursday, October 31, 2148 6:48:25 PM
Default Gateway . . . . . . . . . : 192.168.254.254
DHCP Server . . . . . . . . . . . : 192.168.254.254
DHCPv6 IAID . . . . . . . . . . . : 251667992
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-E1-D8-38-00-26-18-4A-9E-9C
DNS Servers . . . . . . . . . . . : 192.168.254.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c79:1f49:3f57:1fe(Preferred)
Link-local IPv6 Address . . . . . : fe80::c79:1f49:3f57:1fe%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . : domain.invalid
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.254.1%12(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.254.254
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.254.254

Name: google.com
Addresses: 2607:f8b0:4002:c03::64
74.125.137.102
74.125.137.113
74.125.137.138
74.125.137.139
74.125.137.100
74.125.137.101



Pinging google.com [74.125.45.138] with 32 bytes of data:

Reply from 74.125.45.138: bytes=32 time=507ms TTL=53

Reply from 74.125.45.138: bytes=32 time=49ms TTL=53



Ping statistics for 74.125.45.138:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 49ms, Maximum = 507ms, Average = 278ms

Server: UnKnown
Address: 192.168.254.254

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=269ms TTL=47

Reply from 72.30.38.140: bytes=32 time=407ms TTL=47



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 269ms, Maximum = 407ms, Average = 338ms

Server: UnKnown
Address: 192.168.254.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
10 ...00 26 18 4a 9e 9c ...... NVIDIA nForce 10/100 Mbps Ethernet
1 ........................... Software Loopback Interface 1
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.254.254 192.168.254.1 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.254.0 255.255.255.0 On-link 192.168.254.1 276
192.168.254.1 255.255.255.255 On-link 192.168.254.1 276
192.168.254.255 255.255.255.255 On-link 192.168.254.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.254.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.254.1 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 18 ::/0 On-link
1 306 ::1/128 On-link
11 18 2001::/32 On-link
11 266 2001:0:4137:9e76:c79:1f49:3f57:1fe/128
On-link
10 276 fe80::/64 On-link
11 266 fe80::/64 On-link
12 281 fe80::5efe:192.168.254.1/128
On-link
11 266 fe80::c79:1f49:3f57:1fe/128
On-link
10 276 fe80::7ce2:ee1e:2d44:e3aa/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/24/2012 00:12:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2012 09:29:11 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2012 06:53:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2012 06:09:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2012 09:27:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2012 08:27:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2012 04:32:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2012 10:32:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2012 09:44:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2012 06:03:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/24/2012 00:12:51 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (09/24/2012 00:12:51 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/24/2012 00:11:07 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:09:25 PM on 9/24/2012 was unexpected.

Error: (09/24/2012 09:29:11 AM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (09/24/2012 09:29:11 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/23/2012 06:53:49 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (09/23/2012 06:53:49 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/23/2012 06:47:34 PM) (Source: DCOM) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (09/23/2012 06:09:36 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (09/23/2012 06:09:36 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (09/24/2012 00:12:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2012 09:29:11 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2012 06:53:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2012 06:09:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2012 09:27:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2012 08:27:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2012 04:32:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2012 10:32:07 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2012 09:44:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2012 06:03:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Reader 9.4.5 (Version: 9.4.5)
Agere Systems PCI-SV92EX Soft Modem
Ask Toolbar (Version: 1.14.1.0)
Ask Toolbar Updater (Version: 1.2.0.20007)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink DVD Suite Deluxe (Version: 6.0.2602)
Default Manager (Version: 1.0.105.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Hardware Diagnostic Tools (Version: 5.1.5144.16)
HP Active Support Library (Version: 3.1.10.1)
HP Advisor (Version: 3.1.1000.1002)
HP Customer Experience Enhancements (Version: 5.7.0.2945)
HP Deskjet 2050 J510 series Basic Device Software (Version: 20.0.771.0)
HP Deskjet 2050 J510 series Help (Version: 140.0.55.55)
HP Deskjet 2050 J510 series Product Improvement Study (Version: 20.0.771.0)
HP Games (Version: 1.0.0.66)
HP MediaSmart Demo (Version: 1.0.0.0)
HP MediaSmart DVD (Version: 2.2.2719)
HP MediaSmart Music/Photo/Video (Version: 2.2.2809)
HP MediaSmart SmartMenu (Version: 2.1.12)
HP Odometer (Version: 2.10.0000)
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Recovery Manager RSS (Version: 92.0.0.11)
HP Remote Software (Version: 1.0.5.0)
HP Support Information (Version: 10.1.0001)
HP Total Care Setup (Version: 1.2.2854.2975)
HP Update (Version: 5.002.003.003)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
Hulu Desktop (Version: 0.9.14)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
LabelPrint (Version: 2.5.1402)
LightScribe System Software (Version: 1.18.3.2)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Total Protection (Version: 11.0.678)
McAfee Virtual Technician (Version: 6.5.0.2101)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Live Search Toolbar (Version: 3.0.552.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Internet Security (Version: 16.0.0.125)
NVIDIA Drivers (Version: 1.3)
Power2Go (Version: 6.0.2602)
PowerDirector (Version: 7.0.2611)
Python 2.6 pywin32-212 (Version: 2.12)
Python 2.6.1 (Version: 2.6.1150)
Realtek High Definition Audio Driver (Version: 6.0.1.5789)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 1917.77 MB
Available physical RAM: 1091.5 MB
Total Pagefile: 4082.02 MB
Available Pagefile: 2794.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.43 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:286 GB) (Free:241.2 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.08 GB) (Free:1.24 GB) NTFS

========================= Users: ========================================

User accounts for \\SANDERSON-PC

Administrator Guest Sanderson


**** End of log ****

The result from FSS:

Farbar Service Scanner Version: 19-09-2012
Ran by Sanderson (administrator) on 24-09-2012 at 12:23:20
Running from "C:\Users\Sanderson\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

The result from adware cleaner:

# AdwCleaner v2.003 - Logfile created 09/24/2012 at 12:26:06
# Updated 23/09/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Sanderson - SANDERSON-PC
# Boot Mode : Normal
# Running from : C:\Users\Sanderson\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Sanderson\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[S1].txt - [3936 octets] - [24/09/2012 12:26:06]

########## EOF - C:\AdwCleaner[S1].txt - [3996 octets] ##########

#6 narenxp

  • BC Advisor
  • 16,371 posts

Posted 24 September 2012 - 08:15 PM

Malwarebytes log?

Download Junkware removal tool

Launch it and the scan should start running. After the scan is completed, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text here

#7 FakeMoustache

  • Topic Starter

  • Members
  • 6 posts

Posted 25 September 2012 - 08:11 AM

Oops! I'm sorry. Here's the log from the Malwarebytes scan I ran yesterday:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.24.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Sanderson :: SANDERSON-PC [administrator]

9/24/2012 9:43:53 AM
mbam-log-2012-09-24 (09-43-53).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 379044
Time elapsed: 2 hour(s), 18 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

And here's the log from Junkware Removal:

Junkware Removal Tool (JRT) by Thisisu
Version: 1.0.7 (09.24.2012)
OS: Windows Vista ™ Home Premium x86
Ran by Sanderson on Tue 09/25/2012 at 8:46:31.03
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Ask Toolbar: - Remnants removed







*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 09/25/2012 at 8:46:59.70
End of Report

From RKILL:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/25/2012 08:51:08 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 09/25/2012 08:51:36 AM
Execution time: 0 hours(s), 0 minute(s), and 27 seconds(s)

And from Autoruns:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "CLMLServer for HP TouchSmart" "CyberLink MediaLibray Service" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe"
+ "DVDAgent" "HP DVDSmart Resident Program" "CyberLink Corp." "c:\program files\hewlett-packard\media\dvd\dvdagent.exe"
+ "HP Health Check Scheduler" "HP Health Check Scheduler" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_scheduler.exe"
+ "HP Remote Software" "Core functionality module for HP Remote software" "" "c:\program files\hewlett-packard\hp remote\hp remote v1.0.5.exe"
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard" "c:\program files\hewlett-packard\hp odometer\hpsysdrv.exe"
+ "McPvTray_exe" "McAfee AntiTheft Tray" "McAfee, Inc." "c:\program files\mcafee\mat\mcpvtray.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "Microsoft Default Manager" "Microsoft Default Manager" "Microsoft Corp." "c:\program files\microsoft\search enhancement pack\default manager\defmgr.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "SmartMenu" "HP MediaSmart SmartMenu" "Hewlett-Packard" "c:\program files\hewlett-packard\hp mediasmart\smartmenu.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "TSMAgent" "CyberLink PowerCinema Resident Program" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe"
+ "UpdateLBPShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe"
+ "UpdateP2GoShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe"
+ "UpdatePDIRShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe"
+ "UpdatePSTShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\cyberlink\cyberlink dvd suite deluxe\muitransfer\muistartmenu.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DelayShred" "" "" "c:\program files\mcafee\mqs\shrcl.exe"
+ "hetdfif" "" "" "File not found: C:\Users\Sanderson\AppData\Roaming\Microsoft\Rbmdgfx\rbmdgfx.exe"
+ "HPADVISOR" "HP Advisor" "Hewlett-Packard" "c:\program files\hewlett-packard\hp advisor\hpadvisor.exe"
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "WMPNSCFG" "" "" "File not found: C:\Users\Sanderson\AppData\Roaming\Microsoft\Rbmdgfx\rbmdgfx.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found: c:\progra~1\mcafee\msk\mskapbho.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "Microsoft Live Search Toolbar Helper" "MSN® Shell Extender" "Microsoft Corp." "c:\program files\msn\toolbar\3.0.0552.0\msneshellx.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120712180346.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files\yahoo!\companion\installs\cpn\ytsingleinstance.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "Microsoft Live Search Toolbar" "MSN® Shell Extender" "Microsoft Corp." "c:\program files\msn\toolbar\3.0.0552.0\msneshellx.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\HP Health Check" "HP Health Check Scheduler" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_scheduler.exe"
+ "\HPCustParticipation HP Deskjet 2050 J510 series" "HP Customer Participation." "Hewlett-Packard Co." "c:\program files\hp\hp deskjet 2050 j510 series\bin\hpcustpartic.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\RecoveryCD" "ESAdvRemIntegrator" "" "c:\program files\hewlett-packard\hp tcs\remengine.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files\Ask.com\UpdateTask.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AgereModemAudio" "Agere Soft Modem Call Progress Service" "Agere Systems" "c:\program files\lsi softmodem\agrsmsvc.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files\hp games\hp game console\gameconsoleservice.exe"
+ "HP Health Check Service" "HP Health Check Service" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_service.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McAWFwk" "McAfee Activation Service" "McAfee, Inc." "c:\program files\mcafee\msc\mcawfwk.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "Allows McAfee applications to communicate securely on the local network." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AgereSoftModem" "SoftModem Device Driver" "LSI Corporation" "c:\windows\system32\drivers\agrsm.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "McPvDrv" "McAfee AntiTheft Driver" "McAfee, Inc." "c:\windows\system32\drivers\mcpvdrv.sys"
+ "MFE_RR" "" "" "File not found: C:\Users\SANDER~1\AppData\Local\Temp\mfe_rr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfebopk.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfenlfk" "McAfee NDIS Light Filter" "McAfee, Inc." "c:\windows\system32\drivers\mfenlfk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmfdx32.sys"
+ "nvlddmkm" "NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 182.14 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor32" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor32.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bouncing Ball" "Bouncing Ball Filter (Sample)" "Microsoft Corporation" "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\copptestfilter.ax"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CL Dvb Subtitle Decoder" "CLDvbSub" "CyberLink_DE" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrdvbsub.ax"
+ "CL_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrevr.dll"
+ "CL_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clevr.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\claud61.ax"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\hewlett-packard\media\dvd\kernel\movie\claud.ax"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmraudfx.ax"
+ "CyberLink Audio Effect (HP)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\hewlett-packard\media\dvd\kernel\movie\claudfx.ax"
+ "CyberLink Audio Effect (HP)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\hewlett-packard\touchsmart\media\kernel\video\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmraunrwrapper.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (HomeNetwork)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\claudspa.ax"
+ "CyberLink Audio Spectrum Analyzer (HP)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\claudspa.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter (HP)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrdemuxer.ax"
+ "CyberLink Demultiplexer (HP)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\cldemuxer.ax"
+ "CyberLink Demultiplexer(Scramble)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\cldemuxer.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\clnavx.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\hewlett-packard\media\dvd\kernel\movie\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gedtkrn.dll"
+ "CyberLink EPG Decoder" "EPGDec" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrepgdec.ax"
+ "CyberLink File Map Sink" "CyberLink File Map Sink" "Cyberlink Corporation." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsnk.ax"
+ "CyberLink File Map Source" "CyberLink File Map Source" "CyberLink File Map Source" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsrc.ax"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2greader.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\hewlett-packard\media\dvd\kernel\movie\clline21.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3 Wrapper-PCM" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrmp3wrap.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\clsplter.ax"
+ "CyberLink MPEG Splitter(Scramble)" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clsplter.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink MPEG-4 Splitter" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clm4splt.ax"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpegvanalyzer.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink Pipe Switch" "CyberLink Pipe Switch" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrpipswch.ax"
+ "CyberLink PTS Regulator" "CyberLink PTS Regulator " "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmptsreg.ax"
+ "CyberLink Push-Mode CLStream" "CLStream" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clstream(pushmode).ax"
+ "CyberLink Push-Mode CLStream (cURL)" "CLStream" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clstream(multilib).ax"
+ "CyberLink SAC Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clvsd.ax"
+ "CyberLink SBE Filter" "CLSBE" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbe.ax"
+ "CyberLink SBE Source Filter" "CLSBESrc" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbesrc.ax"
+ "Cyberlink Streamming Filter" "Cyberlink Streaming Source Filter(Scramble)" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clstream.ax"
+ "Cyberlink SubTitle Importor (HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\clsubtitle.ax"
+ "Cyberlink SubTitle(HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\hewlett-packard\media\dvd\kernel\movie\clsubtitle.ax"
+ "CyberLink Teletext Decoder Filter" "Teletext Renderer Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrttxdec.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrauts.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\clauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\hewlett-packard\media\dvd\kernel\movie\clauts.ax"
+ "CyberLink TimeStretch Filter(HomeNetwork)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gtlmsplter.ax"
+ "Cyberlink TS Filter Filter" "TSFF" "Cyberlink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsff.ax"
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsinfo.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files\hewlett-packard\media\dvd\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Effect (HP)" "CLVidFx" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\video\clvidfx.ax"
+ "CyberLink Video Effect (HP)" "CLVidFx" "CyberLink" "c:\program files\hewlett-packard\media\dvd\kernel\movie\clvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\video\clvsd.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\hewlett-packard\media\dvd\kernel\movie\clvsd.ax"
+ "CyberLink Volume Meter" "CLVolumeMeter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\hpvolumemeter.ax"
+ "CyberLink WMV Dumper(HP)" "CLWMVDum Dynamic Link Library" "" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmwmvdump.ax"
+ "CyberLink WMV/WMA Demultiplexer" "WMV/WMA Demux" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clwmfdemux.ax"
+ "CyberLink XDS Codec" "CLXDSCodec" "Cyberlink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrxdscodec.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "MSDVD Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\hewlett-packard\media\dvd\kernel\movie\claudwizard.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files\cyberlink\power2go\p2gresample.ax"
+ "PCM Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmraud.ax"
+ "PCM Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmraudenc.ax"
+ "PCM Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmraursmpl.ax"
+ "PCM Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrdump.ax"
+ "PCM MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgmux.ax"
+ "PCM MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc2.ax"
+ "PCM MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrm2splter.ax"
+ "PCM RTP Source Filter" "RTP Source Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrrtpsrc.ax"
+ "PCM SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrsshot.ax"
+ "PCM Video Effect" "CLVidFx" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrvidfx.ax"
+ "PCM Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrresample.ax"
+ "PCM Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmrvsd.ax"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sample File Source (Async.)" "Async sample Filter (Sample)" "Microsoft Corporation" "c:\program files\hewlett-packard\touchsmart\media\kernel\dmp\clasyreader.ax"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files\hewlett-packard\touchsmart\media\kernel\tv\pcmravi_audtr.ax"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 8711 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8711lm.dll"
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"

Thank you again!

#8 narenxp


Posted 25 September 2012 - 08:14 AM

Any current issues?

#9 FakeMoustache


Posted 25 September 2012 - 12:05 PM

Most of the problems are gone. Before the computer was cleaned, when I tried to run any anti-virus stuff, the computer made a high-pitched whining sound; that's stopped, and it's quiet now. I was able to turn on both my Windows Firewall and Windows Defender, and did.

The only thing that's still confusing me: when I try to delete browsing history with ctrl+shift+del, I get a folder in my temporary Internet Files. For instance, the one there now is IHZ2HOV, and this is inside:

C:\Users\Sanderson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHZ2VHOV\syncmessage[1].htm

...but as I said, I don't know much about computers. It might be it's always done this, and I just didn't notice it until it got sick and I started poking around places I don't normally go.

Thank you so much for all of your help!

#10 narenxp


Posted 25 September 2012 - 01:09 PM

That's normal and you can ignore it.

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antiviruses that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 FakeMoustache


Posted 26 September 2012 - 07:19 PM

Thank you so much! I've done the updates and scans, flushed the old system restore files and created new, and am starting to read the FAQ. Thank you for all your help.

#12 narenxp


Posted 26 September 2012 - 07:21 PM

You're welcome :)



