Firefox redirect when searching or using bookmarks


9 replies to this topic

#1 DodoGeo


Posted 25 September 2012 - 02:04 PM

Hello, I've been having this problem for a week now and can't find any solutions for it.
I'm using Firefox 15.0.1 (Win7 x64) and sometimes I get randomly redirected to http://8.26.70.252/see/display.php?q=free%20movies&affid=extratorrent&subid=exityield&p=2&r=0

It happens randomly, about one time out of ten to twenty times I use my Bookmarks or the Google search in the Toolbar.
Similar to another user here, I managed to recreate the redirect by refreshing the extratorrent.com site.

So far I have tried to remove the malware by using Kaspersky TDSSKiller, FixTDSS by Symantec, HitmanPro, Malwarebytes and SUPERAntiSpyware. All without success.
I appreciate any help you can provide on the issue.

Edited by DodoGeo, 25 September 2012 - 02:05 PM.




#2 narenxp


Posted 25 September 2012 - 02:05 PM

Download TDSSkiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 DodoGeo


Posted 25 September 2012 - 03:44 PM

TDSSkiller log:

21:09:25.0983 5096 netw5v64 - ok
21:09:26.0016 5096 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:09:26.0017 5096 nfrd960 - ok
21:09:26.0044 5096 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:09:26.0046 5096 NlaSvc - ok
21:09:26.0055 5096 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:09:26.0056 5096 Npfs - ok
21:09:26.0063 5096 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:09:26.0064 5096 nsi - ok
21:09:26.0071 5096 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:09:26.0073 5096 nsiproxy - ok
21:09:26.0107 5096 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:09:26.0114 5096 Ntfs - ok
21:09:26.0134 5096 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:09:26.0135 5096 Null - ok
21:09:26.0176 5096 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
21:09:26.0177 5096 NVHDA - ok
21:09:26.0377 5096 [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:09:26.0432 5096 nvlddmkm - ok
21:09:26.0451 5096 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
21:09:26.0452 5096 nvraid - ok
21:09:26.0464 5096 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
21:09:26.0465 5096 nvstor - ok
21:09:26.0519 5096 [ 43F91595049DE14C4B61D1E76436164F ] nvsvc C:\Windows\system32\nvvsvc.exe
21:09:26.0524 5096 nvsvc - ok
21:09:26.0537 5096 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
21:09:26.0538 5096 nv_agp - ok
21:09:26.0577 5096 [ D955D5DE998DB2476BF0892BE3A96C26 ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe
21:09:26.0578 5096 O2FLASH - ok
21:09:26.0585 5096 [ E66FE47F60C2E5B9BBF43552771AD569 ] O2MDGRDR C:\Windows\system32\DRIVERS\o2mdgx64.sys
21:09:26.0586 5096 O2MDGRDR - ok
21:09:26.0603 5096 [ FA1EED3A10992EBA9A39172B50346434 ] O2SDGRDR C:\Windows\system32\DRIVERS\o2sdgx64.sys
21:09:26.0604 5096 O2SDGRDR - ok
21:09:26.0632 5096 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:09:26.0632 5096 ohci1394 - ok
21:09:26.0657 5096 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:09:26.0660 5096 p2pimsvc - ok
21:09:26.0694 5096 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:09:26.0697 5096 p2psvc - ok
21:09:26.0710 5096 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:09:26.0711 5096 Parport - ok
21:09:26.0726 5096 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:09:26.0727 5096 partmgr - ok
21:09:26.0739 5096 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:09:26.0741 5096 PcaSvc - ok
21:09:26.0753 5096 [ 5AAB2B170536885DE70A6CBA8D7CE52B ] pci C:\Windows\system32\DRIVERS\pci.sys
21:09:26.0754 5096 pci - ok
21:09:26.0763 5096 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
21:09:26.0763 5096 pciide - ok
21:09:26.0778 5096 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:09:26.0780 5096 pcmcia - ok
21:09:26.0798 5096 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:09:26.0799 5096 pcw - ok
21:09:26.0819 5096 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:09:26.0823 5096 PEAUTH - ok
21:09:26.0882 5096 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:09:26.0883 5096 PerfHost - ok
21:09:26.0916 5096 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
21:09:26.0924 5096 pla - ok
21:09:26.0967 5096 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:09:26.0970 5096 PlugPlay - ok
21:09:26.0996 5096 PnkBstrA - ok
21:09:27.0007 5096 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:09:27.0009 5096 PNRPAutoReg - ok
21:09:27.0037 5096 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:09:27.0039 5096 PNRPsvc - ok
21:09:27.0068 5096 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:09:27.0071 5096 PolicyAgent - ok
21:09:27.0086 5096 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:09:27.0089 5096 Power - ok
21:09:27.0114 5096 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:09:27.0115 5096 PptpMiniport - ok
21:09:27.0132 5096 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:09:27.0132 5096 Processor - ok
21:09:27.0153 5096 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
21:09:27.0155 5096 ProfSvc - ok
21:09:27.0167 5096 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
21:09:27.0168 5096 ProtectedStorage - ok
21:09:27.0193 5096 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:09:27.0194 5096 Psched - ok
21:09:27.0227 5096 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\Windows\system32\DRIVERS\QIOMem.sys
21:09:27.0228 5096 QIOMem - ok
21:09:27.0263 5096 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:09:27.0270 5096 ql2300 - ok
21:09:27.0294 5096 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:09:27.0295 5096 ql40xx - ok
21:09:27.0310 5096 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:09:27.0313 5096 QWAVE - ok
21:09:27.0321 5096 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:09:27.0321 5096 QWAVEdrv - ok
21:09:27.0337 5096 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:09:27.0337 5096 RasAcd - ok
21:09:27.0365 5096 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:09:27.0365 5096 RasAgileVpn - ok
21:09:27.0389 5096 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:09:27.0390 5096 RasAuto - ok
21:09:27.0399 5096 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:09:27.0400 5096 Rasl2tp - ok
21:09:27.0432 5096 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
21:09:27.0434 5096 RasMan - ok
21:09:27.0448 5096 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:09:27.0449 5096 RasPppoe - ok
21:09:27.0472 5096 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:09:27.0472 5096 RasSstp - ok
21:09:27.0490 5096 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:09:27.0492 5096 rdbss - ok
21:09:27.0506 5096 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:09:27.0506 5096 rdpbus - ok
21:09:27.0516 5096 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:09:27.0516 5096 RDPCDD - ok
21:09:27.0529 5096 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:09:27.0529 5096 RDPENCDD - ok
21:09:27.0542 5096 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:09:27.0542 5096 RDPREFMP - ok
21:09:27.0560 5096 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:09:27.0562 5096 RDPWD - ok
21:09:27.0583 5096 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:09:27.0584 5096 rdyboost - ok
21:09:27.0620 5096 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
21:09:27.0621 5096 regi - ok
21:09:27.0643 5096 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:09:27.0645 5096 RemoteAccess - ok
21:09:27.0665 5096 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:09:27.0667 5096 RemoteRegistry - ok
21:09:27.0676 5096 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:09:27.0678 5096 RpcEptMapper - ok
21:09:27.0693 5096 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:09:27.0694 5096 RpcLocator - ok
21:09:27.0710 5096 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
21:09:27.0713 5096 RpcSs - ok
21:09:27.0723 5096 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:09:27.0724 5096 rspndr - ok
21:09:27.0776 5096 [ A8ED9726734D403217A4861A6788B144 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
21:09:27.0780 5096 rtl8192se - ok
21:09:27.0790 5096 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
21:09:27.0791 5096 SamSs - ok
21:09:27.0808 5096 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
21:09:27.0808 5096 sbp2port - ok
21:09:27.0823 5096 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:09:27.0825 5096 SCardSvr - ok
21:09:27.0835 5096 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:09:27.0836 5096 scfilter - ok
21:09:27.0881 5096 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
21:09:27.0886 5096 Schedule - ok
21:09:27.0907 5096 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:09:27.0908 5096 SCPolicySvc - ok
21:09:27.0932 5096 [ 2C8D162EFAF73ABD36D8BCBB6340CAE7 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
21:09:27.0933 5096 sdbus - ok
21:09:27.0953 5096 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:09:27.0955 5096 SDRSVC - ok
21:09:27.0979 5096 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:09:27.0980 5096 secdrv - ok
21:09:27.0992 5096 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
21:09:27.0994 5096 seclogon - ok
21:09:28.0033 5096 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:09:28.0034 5096 SENS - ok
21:09:28.0038 5096 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:09:28.0039 5096 SensrSvc - ok
21:09:28.0053 5096 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:09:28.0053 5096 Serenum - ok
21:09:28.0072 5096 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:09:28.0073 5096 Serial - ok
21:09:28.0099 5096 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:09:28.0100 5096 sermouse - ok
21:09:28.0115 5096 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
21:09:28.0117 5096 SessionEnv - ok
21:09:28.0126 5096 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
21:09:28.0127 5096 sffdisk - ok
21:09:28.0140 5096 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:09:28.0141 5096 sffp_mmc - ok
21:09:28.0152 5096 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
21:09:28.0153 5096 sffp_sd - ok
21:09:28.0166 5096 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:09:28.0166 5096 sfloppy - ok
21:09:28.0180 5096 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:09:28.0182 5096 SharedAccess - ok
21:09:28.0198 5096 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:09:28.0201 5096 ShellHWDetection - ok
21:09:28.0224 5096 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:09:28.0225 5096 SiSRaid2 - ok
21:09:28.0233 5096 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:09:28.0233 5096 SiSRaid4 - ok
21:09:28.0257 5096 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:09:28.0257 5096 Smb - ok
21:09:28.0296 5096 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:09:28.0297 5096 SNMPTRAP - ok
21:09:28.0319 5096 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:09:28.0319 5096 spldr - ok
21:09:28.0373 5096 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
21:09:28.0377 5096 Spooler - ok
21:09:28.0432 5096 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
21:09:28.0448 5096 sppsvc - ok
21:09:28.0462 5096 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:09:28.0464 5096 sppuinotify - ok
21:09:28.0493 5096 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:09:28.0496 5096 srv - ok
21:09:28.0525 5096 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:09:28.0527 5096 srv2 - ok
21:09:28.0554 5096 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:09:28.0555 5096 srvnet - ok
21:09:28.0573 5096 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:09:28.0575 5096 SSDPSRV - ok
21:09:28.0587 5096 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:09:28.0589 5096 SstpSvc - ok
21:09:28.0622 5096 Steam Client Service - ok
21:09:28.0645 5096 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:09:28.0646 5096 stexstor - ok
21:09:28.0673 5096 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
21:09:28.0677 5096 stisvc - ok
21:09:28.0691 5096 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:09:28.0692 5096 swenum - ok
21:09:28.0707 5096 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:09:28.0710 5096 swprv - ok
21:09:28.0755 5096 [ 12A35E44D8647985FCDB8D298A590134 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:09:28.0756 5096 SynTP - ok
21:09:28.0792 5096 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
21:09:28.0801 5096 SysMain - ok
21:09:28.0832 5096 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:09:28.0834 5096 TabletInputService - ok
21:09:28.0849 5096 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
21:09:28.0852 5096 TapiSrv - ok
21:09:28.0860 5096 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:09:28.0862 5096 TBS - ok
21:09:28.0910 5096 [ B9D87C7707F058AC652A398CD28DE14B ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:09:28.0917 5096 Tcpip - ok
21:09:28.0959 5096 [ B9D87C7707F058AC652A398CD28DE14B ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:09:28.0967 5096 TCPIP6 - ok
21:09:28.0987 5096 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:09:28.0988 5096 tcpipreg - ok
21:09:29.0001 5096 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:09:29.0001 5096 TDPIPE - ok
21:09:29.0010 5096 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:09:29.0010 5096 TDTCP - ok
21:09:29.0026 5096 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:09:29.0027 5096 tdx - ok
21:09:29.0040 5096 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:09:29.0041 5096 TermDD - ok
21:09:29.0062 5096 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
21:09:29.0066 5096 TermService - ok
21:09:29.0080 5096 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:09:29.0082 5096 Themes - ok
21:09:29.0121 5096 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\Windows\system32\DRIVERS\Thpevm.SYS
21:09:29.0121 5096 Thpevm - ok
21:09:29.0133 5096 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:09:29.0134 5096 THREADORDER - ok
21:09:29.0183 5096 [ 8F099BE5DB17D025E19652851399B9F1 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
21:09:29.0185 5096 TOSHIBA Bluetooth Service - ok
21:09:29.0198 5096 Tosrfcom - ok
21:09:29.0229 5096 [ F5E3AC4CBCD154EE80849B21887FD0B0 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys
21:09:29.0229 5096 tosrfec - ok
21:09:29.0260 5096 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\Windows\system32\DRIVERS\tos_sps64.sys
21:09:29.0262 5096 tos_sps64 - ok
21:09:29.0281 5096 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:09:29.0283 5096 TrkWks - ok
21:09:29.0325 5096 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:09:29.0326 5096 TrustedInstaller - ok
21:09:29.0338 5096 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:09:29.0338 5096 tssecsrv - ok
21:09:29.0357 5096 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:09:29.0358 5096 tunnel - ok
21:09:29.0400 5096 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
21:09:29.0401 5096 TVALZ - ok
21:09:29.0421 5096 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:09:29.0422 5096 uagp35 - ok
21:09:29.0437 5096 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:09:29.0439 5096 udfs - ok
21:09:29.0457 5096 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:09:29.0458 5096 UI0Detect - ok
21:09:29.0470 5096 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
21:09:29.0471 5096 uliagpkx - ok
21:09:29.0497 5096 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:09:29.0498 5096 umbus - ok
21:09:29.0522 5096 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:09:29.0522 5096 UmPass - ok
21:09:29.0540 5096 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:09:29.0543 5096 upnphost - ok
21:09:29.0556 5096 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:09:29.0557 5096 usbccgp - ok
21:09:29.0575 5096 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
21:09:29.0576 5096 usbcir - ok
21:09:29.0588 5096 [ CB490987A7F6928A04BB838E3BD8A936 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:09:29.0589 5096 usbehci - ok
21:09:29.0605 5096 [ 18124EF0A881A00EE222D02A3EE30270 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:09:29.0607 5096 usbhub - ok
21:09:29.0618 5096 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:09:29.0619 5096 usbohci - ok
21:09:29.0655 5096 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:09:29.0656 5096 usbprint - ok
21:09:29.0670 5096 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:09:29.0671 5096 USBSTOR - ok
21:09:29.0683 5096 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:09:29.0684 5096 usbuhci - ok
21:09:29.0714 5096 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:09:29.0715 5096 usbvideo - ok
21:09:29.0742 5096 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:09:29.0743 5096 UxSms - ok
21:09:29.0753 5096 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
21:09:29.0754 5096 VaultSvc - ok
21:09:29.0766 5096 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
21:09:29.0766 5096 vdrvroot - ok
21:09:29.0797 5096 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
21:09:29.0802 5096 vds - ok
21:09:29.0811 5096 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:09:29.0811 5096 vga - ok
21:09:29.0822 5096 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:09:29.0823 5096 VgaSave - ok
21:09:29.0836 5096 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
21:09:29.0837 5096 vhdmp - ok
21:09:29.0846 5096 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
21:09:29.0847 5096 viaide - ok
21:09:29.0859 5096 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
21:09:29.0860 5096 volmgr - ok
21:09:29.0875 5096 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:09:29.0877 5096 volmgrx - ok
21:09:29.0894 5096 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
21:09:29.0896 5096 volsnap - ok
21:09:29.0918 5096 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:09:29.0918 5096 vsmraid - ok
21:09:29.0953 5096 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
21:09:29.0961 5096 VSS - ok
21:09:29.0976 5096 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:09:29.0976 5096 vwifibus - ok
21:09:30.0003 5096 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:09:30.0003 5096 vwififlt - ok
21:09:30.0017 5096 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:09:30.0020 5096 W32Time - ok
21:09:30.0036 5096 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:09:30.0037 5096 WacomPen - ok
21:09:30.0059 5096 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:09:30.0060 5096 WANARP - ok
21:09:30.0073 5096 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:09:30.0074 5096 Wanarpv6 - ok
21:09:30.0138 5096 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:09:30.0144 5096 WatAdminSvc - ok
21:09:30.0192 5096 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
21:09:30.0200 5096 wbengine - ok
21:09:30.0225 5096 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:09:30.0227 5096 WbioSrvc - ok
21:09:30.0259 5096 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:09:30.0262 5096 wcncsvc - ok
21:09:30.0277 5096 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:09:30.0279 5096 WcsPlugInService - ok
21:09:30.0296 5096 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:09:30.0296 5096 Wd - ok
21:09:30.0314 5096 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:09:30.0316 5096 Wdf01000 - ok
21:09:30.0329 5096 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:09:30.0331 5096 WdiServiceHost - ok
21:09:30.0335 5096 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:09:30.0337 5096 WdiSystemHost - ok
21:09:30.0366 5096 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
21:09:30.0369 5096 WebClient - ok
21:09:30.0385 5096 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:09:30.0387 5096 Wecsvc - ok
21:09:30.0395 5096 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:09:30.0397 5096 wercplsupport - ok
21:09:30.0413 5096 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:09:30.0415 5096 WerSvc - ok
21:09:30.0440 5096 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:09:30.0441 5096 WfpLwf - ok
21:09:30.0456 5096 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:09:30.0456 5096 WIMMount - ok
21:09:30.0466 5096 WinDefend - ok
21:09:30.0470 5096 WinHttpAutoProxySvc - ok
21:09:30.0514 5096 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:09:30.0516 5096 Winmgmt - ok
21:09:30.0559 5096 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
21:09:30.0568 5096 WinRM - ok
21:09:30.0616 5096 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:09:30.0622 5096 Wlansvc - ok
21:09:30.0735 5096 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:09:30.0744 5096 wlidsvc - ok
21:09:30.0761 5096 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:09:30.0761 5096 WmiAcpi - ok
21:09:30.0781 5096 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:09:30.0782 5096 wmiApSrv - ok
21:09:30.0818 5096 WMPNetworkSvc - ok
21:09:30.0826 5096 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:09:30.0827 5096 WPCSvc - ok
21:09:30.0838 5096 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:09:30.0840 5096 WPDBusEnum - ok
21:09:30.0861 5096 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:09:30.0861 5096 ws2ifsl - ok
21:09:30.0891 5096 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
21:09:30.0893 5096 wscsvc - ok
21:09:30.0896 5096 WSearch - ok
21:09:30.0945 5096 [ 38340204A2D0228F1E87740FC5E554A7 ] wuauserv C:\Windows\system32\wuaueng.dll
21:09:30.0956 5096 wuauserv - ok
21:09:30.0975 5096 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:09:30.0976 5096 WudfPf - ok
21:09:31.0004 5096 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:09:31.0005 5096 WUDFRd - ok
21:09:31.0016 5096 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:09:31.0018 5096 wudfsvc - ok
21:09:31.0027 5096 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:09:31.0029 5096 WwanSvc - ok
21:09:31.0040 5096 ================ Scan global ===============================
21:09:31.0056 5096 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:09:31.0089 5096 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
21:09:31.0096 5096 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
21:09:31.0108 5096 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:09:31.0135 5096 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:09:31.0137 5096 [Global] - ok
21:09:31.0138 5096 ================ Scan MBR ==================================
21:09:31.0147 5096 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:09:31.0533 5096 \Device\Harddisk0\DR0 - ok
21:09:31.0536 5096 [ F05261C246CE4B3C544521FFFF7AEF5D ] \Device\Harddisk1\DR1
21:09:33.0989 5096 \Device\Harddisk1\DR1 - ok
21:09:33.0989 5096 ================ Scan VBR ==================================
21:09:34.0017 5096 [ 20CAFED8D59825FD9E3F727E4CCCA9A7 ] \Device\Harddisk0\DR0\Partition1
21:09:34.0020 5096 \Device\Harddisk0\DR0\Partition1 - ok
21:09:34.0043 5096 [ 1695AF7BD6ECE684E24D5872693FBF52 ] \Device\Harddisk0\DR0\Partition2
21:09:34.0046 5096 \Device\Harddisk0\DR0\Partition2 - ok
21:09:34.0049 5096 [ A39CEF306B351693F2BB019976027D24 ] \Device\Harddisk1\DR1\Partition1
21:09:34.0051 5096 \Device\Harddisk1\DR1\Partition1 - ok
21:09:34.0051 5096 ============================================================
21:09:34.0051 5096 Scan finished
21:09:34.0051 5096 ============================================================
21:09:34.0058 1800 Detected object count: 0
21:09:34.0058 1800 Actual detected object count: 0
21:09:40.0322 2680 Deinitialize success


aswMBR log:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-25 21:10:57
-----------------------------
21:10:57.700 OS Version: Windows x64 6.1.7600
21:10:57.700 Number of processors: 8 586 0x1E05
21:10:57.700 ComputerName: LAPPY386 UserName: Dodo
21:10:58.329 Initialize success
21:14:32.178 AVAST engine defs: 12092500
21:15:07.742 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:15:07.744 Disk 0 Vendor: ST950042 0001 Size: 476940MB BusType: 3
21:15:07.745 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
21:15:07.747 Disk 1 Vendor: ST950042 0001 Size: 476940MB BusType: 3
21:15:07.756 Disk 0 MBR read successfully
21:15:07.758 Disk 0 MBR scan
21:15:07.762 Disk 0 Windows 7 default MBR code
21:15:07.765 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 399 MB offset 2048
21:15:07.775 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 237917 MB offset 819200
21:15:07.801 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 238623 MB offset 488073216
21:15:07.832 Disk 0 scanning C:\Windows\system32\drivers
21:15:18.207 Service scanning
21:15:34.322 Modules scanning
21:15:34.328 Disk 0 trace - called modules:
21:15:34.373 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:15:34.379 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007eac060]
21:15:34.384 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b6f050]
21:15:36.701 AVAST engine scan C:\Windows
21:15:39.494 AVAST engine scan C:\Windows\system32
21:18:45.262 AVAST engine scan C:\Windows\system32\drivers
21:18:57.094 AVAST engine scan C:\Users\Dodo
21:21:29.229 AVAST engine scan C:\ProgramData
21:24:14.775 Scan finished successfully
21:25:04.544 Disk 0 MBR has been saved successfully to "C:\Users\Dodo\Desktop\MBR.dat"
21:25:04.548 The log file has been saved successfully to "C:\Users\Dodo\Desktop\aswMBR.txt"


ESET Online scanner:
D:\downloads\Nero 7.10.1.0\Nero-7.10.1.0_eng_full.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined


Now, just as in the case of the other user you are consulting, the redirect page shows "Parse error: syntax error, unexpected T_ENDIF in /var/www/see/public_html/layout_standard.php on line 43" instead of links to internetcorkboard.com. The address bar shows http://8.26.70.252/see/display.php?q=online%20movie%20downloads&affid=extratorrent&subid=exityield&p=2&r=0 although I was trying to access maddox.xmission.com via my Bookmarks. Besides using bookmarks, the redirect occurs while using the search function in Firefox.

I'm off to bed now, but I'm back tomorrow as soon as I'm able after work.

#4 narenxp

Posted 25 September 2012 - 04:08 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

Launch it and the scan should start running. After the scan completes, post the generated log here.

#5 DodoGeo

Posted 26 September 2012 - 11:49 AM

Here are all the logs:


Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.26.09

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Dodo :: LAPPY386 [administrator]

Protection: Disabled

26.9.2012. 17:21:05
mbam-log-2012-09-26 (18-09-11).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 418394
Time elapsed: 47 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
D:\downloads\ea key-gen.exe (RiskWare.Tool.CK) -> No action taken.
D:\downloads\zonealarm-keygen.exe (Riskware.Tool.CK) -> No action taken.
D:\Svega pomalo\Old School\Krush_Kill_'N_Destroy_Xtreme_[Beam_Software][1997]\Kknd.exe (Malware.Packer) -> No action taken.

(end)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Dodo (administrator) on 26-09-2012 at 18:16:02
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8131 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Wireless Network Connection" nexthop=192.168.1.1 publish=Yes
add address name="Wireless Network Connection" address=192.168.1.8


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Lappy386
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 1C-65-9D-65-25-AA
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f02a:64f5:509:668f%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 421291421
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-62-8A-C9-60-EB-69-82-BA-EF
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 60-EB-69-82-BA-EF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C00B1F27-0CEC-432B-822F-7CF42F3B9155}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:10e8:3f67:da32:9ee2(Preferred)
Link-local IPv6 Address . . . . . : fe80::10e8:3f67:da32:9ee2%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: 192.168.1.1
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4001:c01::8b
209.85.148.113
209.85.148.138
209.85.148.139
209.85.148.100
209.85.148.101
209.85.148.102


Pinging google.com [209.85.148.113] with 32 bytes of data:
Reply from 209.85.148.113: bytes=32 time=56ms TTL=53
Reply from 209.85.148.113: bytes=32 time=56ms TTL=53

Ping statistics for 209.85.148.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 56ms, Average = 56ms
Server: 192.168.1.1
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=267ms TTL=38
Reply from 98.138.253.109: bytes=32 time=283ms TTL=40

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 267ms, Maximum = 283ms, Average = 275ms
Server: 192.168.1.1
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
13...1c 65 9d 65 25 aa ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
11...60 eb 69 82 ba ef ......Atheros AR8131 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.8 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.8 281
192.168.1.8 255.255.255.255 On-link 192.168.1.8 281
192.168.1.255 255.255.255.255 On-link 192.168.1.8 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.8 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.8 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:5ef5:79fd:10e8:3f67:da32:9ee2/128
On-link
13 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::10e8:3f67:da32:9ee2/128
On-link
13 281 fe80::f02a:64f5:509:668f/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/25/2012 10:29:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/25/2012 09:13:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/23/2012 11:18:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/23/2012 11:18:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/23/2012 11:18:22 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/23/2012 11:12:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/22/2012 11:01:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/22/2012 10:37:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/22/2012 10:05:08 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The shadow copy could not be committed - operation timed out.
Error context: DeviceIoControl(\\?\Volume{b0fe13a7-e6f7-11df-9e68-806e6f6e6963} - 0000000000000144,0x0053c010,00000000000FDD50,0,00000000000FED60,4096,[0]).


Operation:
Committing shadow copies

Context:
Execution Context: System Provider

Error: (09/21/2012 06:50:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (09/24/2012 10:34:21 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (09/24/2012 10:12:10 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (09/24/2012 10:12:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 10:12:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 10:12:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 10:12:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 10:12:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 10:12:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 10:12:10 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/24/2012 10:12:10 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (09/25/2012 10:29:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestD:\2 copy\esetsmartinstaller_enu.exe

Error: (09/25/2012 09:13:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestD:\2 copy\esetsmartinstaller_enu.exe

Error: (09/23/2012 11:18:27 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (09/23/2012 11:18:25 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (09/23/2012 11:18:22 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (09/23/2012 11:12:57 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (09/22/2012 11:01:34 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (09/22/2012 10:37:35 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (09/22/2012 10:05:08 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\Volume{b0fe13a7-e6f7-11df-9e68-806e6f6e6963} - 0000000000000144,0x0053c010,00000000000FDD50,0,00000000000FED60,4096,[0])

Operation:
Committing shadow copies

Context:
Execution Context: System Provider

Error: (09/21/2012 06:50:09 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


=========================== Installed Programs ============================

Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader 9.4.6 (Version: 9.4.6)
Advertising Center (Version: 0.0.0.2)
Age of Wonders 2
Age of Wonders: Shadow Magic
Alan Wake
Alan Wake's American Nightmare
Alien Breed 2: Assault
Alien Breed 3: Descent
Alien Breed: Impact
Alien Shooter 2 Conscription
Alien Shooter 2: Reloaded
Alien Shooter: Revisited
Amnesia: The Dark Descent
Anomaly Warzone Earth
Arx Fatalis
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.22)
Atom Zombie Smasher
µTorrent (Version: 1.6)
AuthenTec TrueSuite (Version: 4.0.0.258)
Avadon: The Black Fortress
Avencast
Avernum 4
Avernum 5
Avernum 6
Avernum: Escape From the Pit
Avira Free Antivirus (Version: 12.0.0.1199)
Back to the Future: Ep 1 - It's About Time
Back to the Future: Ep 2 - Get Tannen!
Back to the Future: Ep 3 - Citizen Brown
Back to the Future: Ep 4 - Double Visions
Back to the Future: Ep 5 - OUTATIME
Batman: Arkham Asylum GOTY Edition
Batman: Arkham City™
Battle.net
Ben There, Dan That!
BioShock 2
BIT.TRIP RUNNER
Blocks That Matter
Blood Bowl: Legendary Edition
Bluetooth Stack for Windows by Toshiba (Version: v7.10.16(T))
Braid
Breath of Death VII
BS.Player PRO (Version: 2.52.1030)
Burnout Paradise: The Ultimate Box
Call of Cthulhu: Dark Corners of the Earth
Call of Pripyat Complete v1.0.2
Cave Story+
CCleaner (Version: 3.09)
CDisplay 1.8
Cogs
Command & Conquer The First Decade (Version: 1.00.0000)
Command and Conquer 3: Kane's Wrath
Command and Conquer 3: Tiberium Wars
Command and Conquer: Red Alert 3 - Uprising
Company of Heroes: Opposing Fronts
Company of Heroes: Tales of Valor
Conexant HD Audio (Version: 4.126.0.62)
Costume Quest
Counter-Strike: Source
Crayon Physics Deluxe
Crusader No Regret
Crusader No Remorse
Cthulhu Saves the World
DAEMON Tools Lite (Version: 4.45.4.0315)
Daggerfall
Dark Messiah Might and Magic Single Player
Darksiders
DarksidersInstaller (Version: 1.00.1000)
Dead Space
Death Rally
DeathSpank
DeathSpank: Thongs Of Virtue
Defense Grid: The Awakening
Delve Deeper
Depths of Peril
Deus Ex: Human Revolution - The Missing Link
Deus Ex: Invisible War
Diablo
Diablo II
Din's Curse
Disciples 2 Gold: Dark Prophecy & Rise of the Elves
Disciples Gold
Disciples: Sacred Lands Gold Edition
Divinity II - The Dragon Knight Saga
Dolby Control Center (Version: 2.2.1)
DOOM II: Hell on Earth
Dragon Age: Origins - Ultimate Edition
Dual-Core Optimizer (Version: 1.1.4.0169)
Dungeon Keeper 2
Dungeons of Dredmor
EDGE
Elven Legacy
Elven Legacy: Magic
Elven Legacy: Ranger
Elven Legacy: Siege
eReg (Version: 1.20.138.34)
Eschalon: Book 1
Eschalon: Book 2
ESET Online Scanner v3
F.E.A.R. 2: Project Origin
F.E.A.R. 3
Faerie Solitaire
Fallout (Version: 1.0)
Fallout 2
Fallout Tactics
Fallout: New Vegas
Fantasy Wars
Final DOOM
FlatOut: Ultimate Carnage
Flight Control HD
Fortix
Fortix 2
Freedom Force
Freedom Force vs. the 3rd Reich
Frozen Synapse
FTL: Faster Than Light
Geneforge 1
Geneforge 2
Geneforge 3
Geneforge 4
Geneforge 5
Ghostbusters: The Video Game
Gish
GOG.com Downloader version 3.0.52 (Version: 3.0.52)
GOG.com Warlords Battlecry
Gratuitous Space Battles
Greed Corp
Half-Life 2
Half-Life 2: Episode One
Half-Life 2: Episode Two
Half-Life 2: Lost Coast
Half-Life: Blue Shift
Half-Life: Opposing Force
Hamilton's Great Adventure
Hammerfight
Hard Reset
HDMI Control Manager (Version: 2.0)
Heretic: Shadow of the Serpent Riders
Heroes Chronicles
Heroes Of Might And Magic
Heroes of Might and Magic 2 GOLD
Heroes of Might and Magic 3 Complete
Heroes of Might and Magic 4 Complete
Heroes of Might and Magic V: Hammers of Fate
Heroes of Might and Magic V: Tribes of the East
HeXen II
HeXen: Beyond Heretic
HeXen: Deathkings of the Dark Citadel
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HOARD
ImagXpress (Version: 7.0.74.0)
Inquisitor
Intel® Rapid Storage Technology (Version: 9.6.1.1001)
Jamestown
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 35 (Version: 6.0.350)
K-Lite Codec Pack 8.3.2 (Standard) (Version: 8.3.2)
King's Bounty: Armored Princess
King's Bounty: Crossworlds
King's Bounty: The Legend
King Arthur - The Role-playing Wargame
King Arthur II - The Role-playing Wargame
Kohan II: Kings of War
Kohan: Ahriman's Gift
Kohan: Immortal Sovereigns
Krush, Kill 'n' Destroy Xtreme
Krush, Kill and Destroy Xtreme
Lara Croft and the Guardian of Light
Legend of Grimrock
LIMBO
Logitech Gaming Software 8.01 (Version: 8.01.120)
Machinarium
Magicka
Majesty 2 Collection
Majesty Gold HD
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Master Levels for DOOM II
Master Of Magic
Master of Orion 1 and 2
Max Payne
Max Payne 2: The Fall of Max Payne
Metro 2033
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (Version: 3.5.0.0)
Microsoft DirectX SDK (March 2008) (Version: 9.22.1284)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.0.61118.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Media Video 9 VCM
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Might & Magic Heroes VI (Version: 1.7)
Might & Magic VI Limited Edition
Might and Magic VII: For Blood and Honor
Might and Magic VIII: Day of the Destroyer
Monkey Island 2: Special Edition
Morrowind
Mortal Kombat Kollection
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Myth II: Soulblighter version 1.7.1 (Version: 1.7.1)
Myth III: The Wolf Age version 1.3.1 (Version: 1.3.1)
Myth: The Fallen Lords version 1.5 (Version: 1.5)
NecroVisioN (Version: 1.00.0000)
NecroVisioN Patch 1.1
NecroVisioN Patch 1.2
Need for Speed: Hot Pursuit
Nero 9 Essentials
Nero BackItUp (Version: 5.2.21001)
Nero BackItUp and Burn (Version: 1.2.0030)
Nero BurnRights (Version: 3.4.13.100)
Nero BurnRights (Version: 3.6.26001)
Nero BurnRights Help (Version: 3.4.4.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express (Version: 9.6.16000)
Nero Express Help (Version: 9.4.34.100)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero RescueAgent (Version: 2.6.25002)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.37.100)
NeroExpress (Version: 9.4.34.100)
neroxml (Version: 1.0.0)
Neverwinter Nights 2 Adventure Pack: Mysteries of Westgate
Neverwinter Nights 2: Platinum
NightSky
NOX
NVIDIA Control Panel 306.23 (Version: 306.23)
NVIDIA Graphics Driver 306.23 (Version: 306.23)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
O2Micro Flash Memory Card Windows Driver (Version: 2.0.46)
One Unit Whole Blood
OpenAL
Orcs Must Die!
Orcs Must Die! 2
Osmos
Penumbra: Black Plague
Penumbra: Overture
Penumbra: Requiem
Plants vs. Zombies: Game of the Year
Portal
Portal 2
Psychonauts
PunkBuster Services (Version: 0.992)
Quake 4
Quake II: Ground Zero
Quake Live Mozilla Plugin (Version: 1.0.520)
Quake Mission Pack 1: Scourge of Armagon
Quake Mission Pack 2: Dissolution of Eternity
RAGE
Realtek WLAN Driver (Version: 2.00.0006)
Renegade Ops
Revenge of the Titans
RoboBlitz
Rochard
Rock of Ages
S.T.A.L.K.E.R.: Call of Pripyat
S.T.A.L.K.E.R.: Shadow of Chernobyl
Sacred Gold
Saints Row: The Third
SEGA Genesis & Mega Drive Classics
Serious Sam HD: The First Encounter
Serious Sam HD: The Second Encounter
Shadowgrounds Editor
Shadowgrounds: Survivor
Shank
Sid Meier's Civilization IV: Beyond the Sword
Sid Meier's Civilization IV: Colonization
Sid Meier's Civilization IV: Warlords
Sierra Utilities
Simon the Sorcerer 2
SiN Episodes: Emergence
Sins of a Solar Empire: Trinity
Skype™ 4.2 (Version: 4.2.152)
Soulbringer
Soulcaster (Version: 1.0.0)
Source SDK Base 2007
Space Pirates and Zombies
Space Quest Collection
Spybot - Search & Destroy (Version: 1.6.2)
Stacking
Stalker Complete 2009
StarCraft
StarCraft II (Version: 1.5.2.22875)
Steam (Version: 1.0.0.0)
Strong Bad Episode 1: Homestar Ruiner
Strong Bad Episode 2: Strong Badia the Free
Strong Bad Episode 3: Baddest of the Bands
Strong Bad Episode 4: Dangeresque 3
Strong Bad Episode 5: 8-Bit Is Enough
Super Meat Boy
Supreme Commander 2
Supreme Commander: Forged Alliance
Sword of the Stars Complete Collection (Version: 1.8.0)
Synaptics Pointing Device Driver (Version: 13.2.7.3)
Team Fortress 2
TES Construction Set
The Baconing
The Bard's Tale
The Binding Of Isaac
The Misadventures of P.B. Winterbottom
The Ultimate DOOM
The Witcher 2 - Assassins of Kings Enhanced Edition
Thief - Deadly Shadows
Thief 2: The Metal Age
Thief Gold
Time Gentlemen, Please!
Titan Attacks
Torchlight II
TOSHIBA Hardware Setup (Version: 4.02.01.00)
TOSHIBA USB Sleep and Charge Utility (Version: 1.3.4.0)
Total Annihilation - Commander Pack
Trine
Trine 2
TRORMCLauncher (Version: )
TRORMCLauncher (Version: 1.0.0.10)
Ubisoft Game Launcher (Version: 1.0.0.0)
UE3Redist (Version: 1.00.0000)
Unity Web Player (Version: )
Unreal II: The Awakening
Unreal Tournament 2004
Unreal Tournament 3: Black Edition
Unreal Tournament: Game of the Year Edition
Unstoppable Gorg
Vampire: The Masquerade - Bloodlines
Vessel
VVVVVV
Warcraft II BNE
Warcraft III: All Products
Warhammer® 40,000®: Dawn of War® II – Retribution™
Warlock - Master of the Arcane
Warlords Battlecry 3
Warlords Battlecry II
Winamp (remove only)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
WinX HD Video Converter Deluxe 3.10.2
World of Goo
Worms Armageddon
Worms Reloaded
X-Com UFO Defence
Zeno Clash
Zombie Shooter
Zombie Shooter 2

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 8180.48 MB
Available physical RAM: 5989.29 MB
Total Pagefile: 16359.11 MB
Available Pagefile: 13926.49 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.21 MB

========================= Partitions: =====================================

1 Drive c: (Dodo) (Fixed) (Total:232.34 GB) (Free:93.95 GB) NTFS
2 Drive d: (Dodo mk II) (Fixed) (Total:233.03 GB) (Free:8.6 GB) NTFS
3 Drive e: (Dodo mk III) (Fixed) (Total:465.76 GB) (Free:11.78 GB) NTFS

========================= Users: ========================================

User accounts for \\LAPPY386

Administrator Dodo Guest

========================= Restore Points ==================================

08-09-2012 14:05:46 Installed DirectX
12-09-2012 13:31:56 Installed Quake Live Mozilla Plugin
20-09-2012 18:38:00 Installed DirectX
21-09-2012 14:41:35 Installed Might & Magic Heroes VI

**** End of log ****

Farbar Service Scanner Version: 19-09-2012
Ran by Dodo (administrator) on 26-09-2012 at 18:17:30
Running from "D:\2 copy"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2011-08-20 00:07] - [2011-06-21 08:27] - 1896832 ____A (Microsoft Corporation) B9D87C7707F058AC652A398CD28DE14B

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 02:09] - [2009-07-14 03:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 01:36] - [2009-07-14 03:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-14 02:36] - [2009-07-14 03:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Junkware Removal Tool (JRT) by Thisisu
Version: 1.0.9 (09.26.2012)
OS: Windows 7 Home Premium x64
Ran by Dodo on sri 26.09.2012. at 18:31:33,86
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\conduit"



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired:

The below lines were deleted from [FF prefs.js]

=============================

=============================



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on sri 26.09.2012. at 18:31:34,66
End of Report



# AdwCleaner v2.003 - Logfile created 09/26/2012 at 18:18:34
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Dodo - LAPPY386
# Boot Mode : Normal
# Running from : D:\2 copy\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKLM\Software\Conduit

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Dodo\AppData\Roaming\Mozilla\Firefox\Profiles\xwrm5i9n.default\prefs.js

[OK] File is clean.

-\\ Chromium v [Unable to get version]

File : C:\Users\Dodo\AppData\Local\Chromium\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [877 octets] - [26/09/2012 18:18:34]

########## EOF - C:\AdwCleaner[R1].txt - [936 octets] ##########

#6 narenxp

Posted 26 September 2012 - 12:33 PM

Do you still have redirects?


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE - SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 DodoGeo

Posted 26 September 2012 - 01:42 PM

At the moment it looks like it stopped. I have tried to recreate the redirect, but it does not happen. I avoided the extratorrent.com site as it looks like it originated from there.
One thing I don't get is how it could affect both the bookmarks and the search toolbar without any obvious infection.


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/26/2012 08:30:48 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Dodo\Desktop\rkill\rkill-09-26-2012-08-30-53.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

Program finished at: 09/26/2012 08:31:00 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ClientAppLogon" "TrueSuite Application Log On" "AuthenTec, Inc." "c:\program files\truesuite\truesuite.clientapplogonexe.exe"
+ "ClientAppLogon32" "TrueSuite Application Log On" "AuthenTec, Inc." "c:\program files\truesuite\x86\truesuite.clientapplogonexe.exe"
+ "HDMICtrlMan" "HDMICtrlMan.exe" "TOSHIBA Corporation." "c:\program files\toshiba\hdmictrlman\hdmictrlman.exe"
+ "Launch LCore" "Logitech Gaming Framework" "Logitech Inc." "c:\program files\logitech gaming software\lcore.exe"
+ "SmartAudio" "SAIICpl MFC Application" "" "c:\program files\conexant\saii\saiicpl.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "amd_dc_opt" "AMD Dual-Core Optimizer" "AMD" "c:\program files (x86)\amd\dual-core optimizer\amd_dc_opt.exe"
+ "avgnt" "Avira System Tray Tool" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avgnt.exe"
+ "NBAgent" "Nero BackItUp" "Nero AG" "c:\program files (x86)\nero\nero backitup & burn\nero backitup\nbagent.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TUSBSleepChargeSrv" "TOSHIBA USB Sleep and Charge Service" "TOSHIBA" "c:\program files (x86)\toshiba\toshiba usb sleep and charge utility\tusbsleepchargesrv.exe"
+ "WinampAgent" "" "" "c:\program files (x86)\winamp\winampa.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
+ "tosBtShllExt" "TosBtShell" "TOSHIBA" "c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\x64\tosbtshell.dll"
+ "TrueSuiteCMenu" "TrueSuite Context Menu" "AuthenTec, Inc." "c:\program files\truesuite\truesuite.cmshelext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files (x86)\nero\nero backitup & burn\nero backitup\nbshell.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Convert" "Microsoft DirectX Shell Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft directx sdk (march 2008)\utilities\bin\x64\txview.dll"
+ "tosBtShllExt" "TosBtShell" "TOSHIBA" "c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\x64\tosbtshell.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
+ "TrueSuiteCMenu" "TrueSuite Context Menu" "AuthenTec, Inc." "c:\program files\truesuite\truesuite.cmshelext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files (x86)\nero\nero backitup & burn\nero backitup\nbshell.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files (x86)\nero\nero backitup & burn\nero backitup\nbshell.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "TSFPLOlayIcon" "TrueSuite Fingerpring Logon Olay Icon" "AuthenTec, Inc." "c:\program files\truesuite\truesuite.fplolayicon.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "TrueSuite Website Log On" "TrueSuite Website Log On" "AuthenTec Inc." "c:\program files\truesuite\truesuite.iebho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "TrueSuite Website Log On" "TrueSuite Website Log On" "AuthenTec Inc." "c:\program files\truesuite\x86\truesuite.iebho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AntiVirSchedulerService" "Service to schedule Avira Free Antivirus jobs and updates." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the Avira search engine." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avguard.exe"
+ "FPLService" "Provides convenient and secure fingerprint authentication and identity management." "AuthenTec, Inc" "c:\program files\truesuite\truesuite.service.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "Nero BackItUp Scheduler 4.0" "Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "O2FLASH" "O2 Flash Memory Service" "O2Micro International" "c:\windows\system32\drivers\o2flash.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1035] http://www.evenbalance.com" "" "c:\windows\syswow64\pnkbstra.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "TOSHIBA Bluetooth Service" "TOSHIBA Bluetooth Service" "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtsrv.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ATSwpWDF" "AuthenTec Fingerprint Sensor WBF Driver" "AuthenTec, Inc." "c:\windows\system32\drivers\atswpwdf.sys"
+ "avgntflt" "Avira mini-filter driver" "Avira GmbH" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira Security Enhancement Driver" "Avira GmbH" "c:\windows\system32\drivers\avipbb.sys"
+ "avkmgr" "Avira Manager Driver" "Avira GmbH" "c:\windows\system32\drivers\avkmgr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "EagleX64" "" "" "File not found: C:\Windows\system32\drivers\EagleX64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LGBusEnum" "Logitech WingMan Virtual Bus Enumerator Driver" "Logitech Inc." "c:\windows\system32\drivers\lgbusenum.sys"
+ "LGSHidFilt" "Logitech Gaming HID Filter Driver." "Logitech Inc." "c:\windows\system32\drivers\lgshidfilt.sys"
+ "LGVirHid" "Logitech GamePanel Virtual Hid Device Driver" "Logitech Inc." "c:\windows\system32\drivers\lgvirhid.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LUsbFilt" "Logitech USB Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lusbfilt.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "netw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 306.23 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "O2MDGRDR" "" "O2Micro " "c:\windows\system32\drivers\o2mdgx64.sys"
+ "O2SDGRDR" "O2Micro SD Reader Driver (AMD64)" "O2Micro " "c:\windows\system32\drivers\o2sdgx64.sys"
+ "QIOMem" "Generic IO & Memory Access" "TOSHIBA" "c:\windows\system32\drivers\qiomem.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "regi" "regi driver" "InterVideo" "c:\windows\system32\drivers\regi.sys"
+ "rtl8192se" "Realtek RTL81892SE NDIS Driverr" "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtl8192se.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "Thpevm" "TOSHIBA HDD Protection - Shock Sensor Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\thpevm.sys"
+ "tos_sps64" "tos_sps64" "TOSHIBA Corporation" "c:\windows\system32\drivers\tos_sps64.sys"
+ "Tosrfcom" "" "" "File not found: C:\Windows\System32\Drivers\Tosrfcom.sys"
+ "tosrfec" "TOSHIBA Bluetooth EC Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tosrfec.sys"
+ "TVALZ" "TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalz_o.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\syswow64\ir50_32.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DivX for Blizzard Decoder Filter" "DivX ™ Decoder Filter" "DivXNetworks, Inc." "c:\program files (x86)\warcraft iii\blizzard.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\syswow64\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\syswow64\ir50_32.dll"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavvideo.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdssplitter.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Toshiba Bluetooth Monitor" "" "TOSHIBA CORPORATION." "c:\windows\system32\tbtmon.dll"

#8 narenxp


Posted 26 September 2012 - 02:20 PM

I avoided extratorrent.com site as it looks like it originated from there.
One thing I don't get is how it could affect both the bookmarks and the search toolbar without any obvious infection.


I guess it is specific to extratorrent. I have seen a lot of people having redirects from the extratorrent site.

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 DodoGeo


Posted 27 September 2012 - 08:22 AM

I guess that's it with extratorrent.com, will avoid it in the future.

Thank you very much for your support.

#10 narenxp


Posted 27 September 2012 - 08:38 AM

You're welcome :)



