My home page has been changed to "Claro Search"



#1 jaysnzees


Posted 16 October 2012 - 10:38 PM

When I hit home it goes to this: http://www.claro-search.com/?affID=114506&tt=4112_8&babsrc=HP_clro&mntrId=c43bea1b000000000000001372384e07

Steps I've taken. I updated SAS and ran a quick scan and found nothing. I updated MBAM and ran a full scan and found 70 plus problems.

I deleted the stuff labeled Claro in the program removal section of Control Panel. But there must be more. Here are the logs from MBAM.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.16.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Family :: DELL-GB54B81JG8 [administrator]

6/15/2012 9:06:31 PM
mbam-log-2012-06-15 (21-06-31).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 351006
Time elapsed: 3 hour(s), 5 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{22222222-2222-2222-2222-220022462239} (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
HKCR\CLSID\{33333333-3333-3333-3333-330033463339} (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
HKCR\Interface\{66666666-6666-6666-6666-660066466639} (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044464439} (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavingsApp (PUP.CrossFire.SA) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavingsApp|Publisher (PUP.CrossFire.SA) -> Data: 215 Apps -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Program Files\SavingsApp (PUP.CrossFire.SA) -> Quarantined and deleted successfully.

Files Detected: 7
C:\Program Files\SavingsApp\SavingsApp.exe (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
C:\Program Files\SavingsApp\SavingsAppGui.exe (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
C:\Program Files\SavingsApp\Uninstall.exe (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
C:\Program Files\SavingsApp\SavingsAppInstaller.log (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
C:\Program Files\SavingsApp\SavingsApp.ico (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
C:\Program Files\SavingsApp\SavingsApp.ini (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\SavingsApp\Chrome\SavingsApp.crx (PUP.CrossFire.SA) -> Quarantined and deleted successfully.

(end)

AND THIS MORNING...

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.16.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Family :: DELL-GB54B81JG8 [administrator]

6/16/2012 9:59:11 AM
mbam-log-2012-06-16 (09-59-11).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 350821
Time elapsed: 1 hour(s), 6 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCR\Interface\{77777777-7777-7777-7777-770077467739} (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044464439} (PUP.CrossFire.SA) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
What is thy bidding? My Master?


#2 narenxp


Posted 16 October 2012 - 10:55 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 jaysnzees


Posted 17 October 2012 - 10:19 AM

Here are the results...


08:13:18.0125 20660 RDPWD - ok
08:13:18.0140 20660 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
08:13:18.0156 20660 RDSessMgr - ok
08:13:18.0156 20660 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
08:13:18.0156 20660 redbook - ok
08:13:18.0187 20660 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
08:13:18.0187 20660 RemoteAccess - ok
08:13:18.0281 20660 [ 053A0D66B1982D93A20062E4DA40B29B ] RoxMediaDB13 C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
08:13:18.0328 20660 RoxMediaDB13 - ok
08:13:18.0375 20660 [ 495C85B15470374A9499451893742EE6 ] RoxWatch12 C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
08:13:18.0390 20660 RoxWatch12 - ok
08:13:18.0406 20660 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
08:13:18.0421 20660 RpcLocator - ok
08:13:18.0453 20660 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
08:13:18.0453 20660 RpcSs - ok
08:13:18.0500 20660 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
08:13:18.0500 20660 RSVP - ok
08:13:18.0531 20660 [ 0B2D5D2341437D7D7E1A6C7BBCE3786A ] SahdIa32 C:\WINDOWS\system32\Drivers\SahdIa32.sys
08:13:18.0531 20660 SahdIa32 - ok
08:13:18.0546 20660 [ 7A5F65B16249AF2BC9D18D815F5D7172 ] SaibIa32 C:\WINDOWS\system32\Drivers\SaibIa32.sys
08:13:18.0546 20660 SaibIa32 - ok
08:13:18.0562 20660 [ E333C9515822DE586A3FF759A0C9B7BF ] SaibVd32 C:\WINDOWS\system32\Drivers\SaibVd32.sys
08:13:18.0562 20660 SaibVd32 - ok
08:13:18.0578 20660 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
08:13:18.0578 20660 SamSs - ok
08:13:18.0656 20660 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
08:13:18.0656 20660 SASDIFSV - ok
08:13:18.0671 20660 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:13:18.0687 20660 SASKUTIL - ok
08:13:18.0718 20660 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
08:13:18.0718 20660 SCardSvr - ok
08:13:18.0750 20660 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
08:13:18.0750 20660 Schedule - ok
08:13:18.0796 20660 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:13:18.0796 20660 Secdrv - ok
08:13:18.0812 20660 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
08:13:18.0828 20660 seclogon - ok
08:13:18.0828 20660 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
08:13:18.0828 20660 SENS - ok
08:13:18.0859 20660 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
08:13:18.0859 20660 Serial - ok
08:13:18.0890 20660 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
08:13:18.0890 20660 Sfloppy - ok
08:13:18.0953 20660 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
08:13:18.0953 20660 SharedAccess - ok
08:13:18.0968 20660 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:13:18.0968 20660 ShellHWDetection - ok
08:13:18.0968 20660 Simbad - ok
08:13:18.0984 20660 Sparrow - ok
08:13:19.0031 20660 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
08:13:19.0031 20660 splitter - ok
08:13:19.0078 20660 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
08:13:19.0078 20660 Spooler - ok
08:13:19.0093 20660 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
08:13:19.0093 20660 sr - ok
08:13:19.0093 20660 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
08:13:19.0093 20660 srservice - ok
08:13:19.0125 20660 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
08:13:19.0140 20660 Srv - ok
08:13:19.0156 20660 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
08:13:19.0156 20660 SSDPSRV - ok
08:13:19.0234 20660 [ 8990440E4B2A7CA5A56A1833B03741FD ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
08:13:19.0265 20660 STHDA - ok
08:13:19.0296 20660 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
08:13:19.0296 20660 stisvc - ok
08:13:19.0312 20660 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
08:13:19.0312 20660 swenum - ok
08:13:19.0312 20660 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
08:13:19.0312 20660 swmidi - ok
08:13:19.0312 20660 SwPrv - ok
08:13:19.0328 20660 symc810 - ok
08:13:19.0328 20660 symc8xx - ok
08:13:19.0343 20660 sym_hi - ok
08:13:19.0343 20660 sym_u3 - ok
08:13:19.0375 20660 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
08:13:19.0375 20660 sysaudio - ok
08:13:19.0406 20660 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
08:13:19.0406 20660 SysmonLog - ok
08:13:19.0421 20660 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
08:13:19.0437 20660 TapiSrv - ok
08:13:19.0468 20660 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:13:19.0484 20660 Tcpip - ok
08:13:19.0515 20660 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
08:13:19.0515 20660 TDPIPE - ok
08:13:19.0531 20660 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
08:13:19.0531 20660 TDTCP - ok
08:13:19.0562 20660 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
08:13:19.0562 20660 TermDD - ok
08:13:19.0609 20660 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
08:13:19.0609 20660 TermService - ok
08:13:19.0609 20660 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
08:13:19.0609 20660 Themes - ok
08:13:19.0625 20660 TosIde - ok
08:13:19.0656 20660 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
08:13:19.0656 20660 TrkWks - ok
08:13:19.0703 20660 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
08:13:19.0703 20660 Udfs - ok
08:13:19.0703 20660 ultra - ok
08:13:19.0765 20660 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
08:13:19.0765 20660 Update - ok
08:13:19.0812 20660 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
08:13:19.0812 20660 upnphost - ok
08:13:19.0843 20660 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
08:13:19.0843 20660 UPS - ok
08:13:19.0890 20660 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
08:13:19.0890 20660 USBAAPL - ok
08:13:19.0906 20660 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:13:19.0906 20660 usbccgp - ok
08:13:19.0921 20660 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:13:19.0921 20660 usbehci - ok
08:13:19.0937 20660 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:13:19.0937 20660 usbhub - ok
08:13:19.0953 20660 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:13:19.0953 20660 usbohci - ok
08:13:19.0968 20660 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:13:19.0968 20660 usbprint - ok
08:13:20.0000 20660 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:13:20.0000 20660 usbscan - ok
08:13:20.0046 20660 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:13:20.0046 20660 USBSTOR - ok
08:13:20.0062 20660 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
08:13:20.0062 20660 VgaSave - ok
08:13:20.0062 20660 ViaIde - ok
08:13:20.0078 20660 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
08:13:20.0078 20660 VolSnap - ok
08:13:20.0109 20660 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
08:13:20.0125 20660 VSS - ok
08:13:20.0218 20660 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
08:13:20.0250 20660 vToolbarUpdater12.2.6 - ok
08:13:20.0265 20660 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
08:13:20.0265 20660 W32Time - ok
08:13:20.0281 20660 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:13:20.0281 20660 Wanarp - ok
08:13:20.0328 20660 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
08:13:20.0359 20660 Wdf01000 - ok
08:13:20.0359 20660 WDICA - ok
08:13:20.0375 20660 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
08:13:20.0375 20660 wdmaud - ok
08:13:20.0375 20660 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
08:13:20.0375 20660 WebClient - ok
08:13:20.0406 20660 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
08:13:20.0437 20660 winachsf - ok
08:13:20.0531 20660 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
08:13:20.0531 20660 winmgmt - ok
08:13:20.0593 20660 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
08:13:20.0593 20660 WinUSB - ok
08:13:20.0625 20660 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
08:13:20.0625 20660 WmdmPmSN - ok
08:13:20.0656 20660 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
08:13:20.0656 20660 WmiApSrv - ok
08:13:20.0687 20660 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
08:13:20.0687 20660 WpdUsb - ok
08:13:20.0718 20660 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:13:20.0718 20660 WS2IFSL - ok
08:13:20.0765 20660 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
08:13:20.0765 20660 wscsvc - ok
08:13:20.0812 20660 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
08:13:20.0812 20660 wuauserv - ok
08:13:20.0859 20660 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:13:20.0859 20660 WudfPf - ok
08:13:20.0875 20660 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:13:20.0875 20660 WudfRd - ok
08:13:20.0906 20660 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
08:13:20.0906 20660 WudfSvc - ok
08:13:20.0968 20660 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
08:13:20.0984 20660 WZCSVC - ok
08:13:21.0031 20660 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
08:13:21.0031 20660 xmlprov - ok
08:13:21.0031 20660 zumbus - ok
08:13:21.0046 20660 ================ Scan global ===============================
08:13:21.0062 20660 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
08:13:21.0109 20660 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
08:13:21.0125 20660 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
08:13:21.0140 20660 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
08:13:21.0140 20660 [Global] - ok
08:13:21.0140 20660 ================ Scan MBR ==================================
08:13:21.0156 20660 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:13:21.0375 20660 \Device\Harddisk0\DR0 - ok
08:13:21.0375 20660 ================ Scan VBR ==================================
08:13:21.0375 20660 [ DE4C8E9BC844B66C6E9F9267F6A62739 ] \Device\Harddisk0\DR0\Partition1
08:13:21.0375 20660 \Device\Harddisk0\DR0\Partition1 - ok
08:13:21.0375 20660 ============================================================
08:13:21.0375 20660 Scan finished
08:13:21.0375 20660 ============================================================
08:13:21.0390 20152 Detected object count: 0
08:13:21.0390 20152 Actual detected object count: 0
08:13:37.0312 13472 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-17 08:13:50
-----------------------------
08:13:50.218 OS Version: Windows 5.1.2600 Service Pack 3
08:13:50.218 Number of processors: 2 586 0x4B02
08:13:50.218 ComputerName: DELL-GB54B81JG8 UserName: Family
08:13:51.406 Initialize success
08:17:57.562 AVAST engine defs: 12101700
08:19:28.859 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port0Path0Target0Lun0
08:19:28.859 Disk 0 Vendor: WDC_WD25 02.0 Size: 238475MB BusType: 3
08:19:28.875 Disk 0 MBR read successfully
08:19:28.875 Disk 0 MBR scan
08:19:28.906 Disk 0 Windows XP default MBR code
08:19:28.906 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238464 MB offset 63
08:19:28.906 Disk 0 scanning sectors +488376000
08:19:28.984 Disk 0 scanning C:\WINDOWS\system32\drivers
08:19:38.921 Service scanning
08:19:57.937 Modules scanning
08:20:02.140 Disk 0 trace - called modules:
08:20:02.156 ntkrnlpa.exe CLASSPNP.SYS disk.sys SahdIa32.sys ACPI.sys hal.dll SCSIPORT.SYS nvgts.sys
08:20:02.156 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aee2ab8]
08:20:02.156 3 CLASSPNP.SYS[ba0f8fd7] -> nt!IofCallDriver -> [0x8aee2020]
08:20:02.156 5 SahdIa32.sys[ba119939] -> nt!IofCallDriver -> \Device\00000069[0x8af9f2d8]
08:20:02.156 7 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Scsi\nvgts1Port0Path0Target0Lun0[0x8af74a38]
08:20:02.906 AVAST engine scan C:\WINDOWS
08:20:06.312 AVAST engine scan C:\WINDOWS\system32
08:22:54.671 AVAST engine scan C:\WINDOWS\system32\drivers
08:23:12.796 AVAST engine scan C:\Documents and Settings\Family
08:29:14.468 AVAST engine scan C:\Documents and Settings\All Users
08:30:57.062 Scan finished successfully
08:36:07.031 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
08:36:07.031 The log file has been saved successfully to "C:\aswMBR.txt"

These are the three logs from ESET...

C:\Documents and Settings\Family\Desktop\pcp_claro.exe a variant of Win32/InstallBrain.H application cleaned by deleting - quarantined
C:\Documents and Settings\Family\My Documents\Downloads\fagotto\New Folder\SoftonicDownloader_for_windows-live-messenger.exe a variant of Win32/SoftonicDownloader.E application cleaned by deleting - quarantined
C:\System Volume Information\_restore{554313B8-FBA9-46E5-9B34-7EF33481D27D}\RP230\A0094805.exe a variant of Win32/InstallBrain.H application cleaned by deleting - quarantined

C:\Documents and Settings\Family\Desktop\pcp_claro.exe a variant of Win32/InstallBrain.H application cleaned by deleting - quarantined
C:\Documents and Settings\Family\My Documents\Downloads\fagotto\New Folder\SoftonicDownloader_for_windows-live-messenger.exe a variant of Win32/SoftonicDownloader.E application cleaned by deleting - quarantined
C:\System Volume Information\_restore{554313B8-FBA9-46E5-9B34-7EF33481D27D}\RP230\A0094805.exe a variant of Win32/InstallBrain.H application cleaned by deleting - quarantined

C:\Documents and Settings\Family\Desktop\pcp_claro.exe a variant of Win32/InstallBrain.H application cleaned by deleting - quarantined
C:\Documents and Settings\Family\My Documents\Downloads\fagotto\New Folder\SoftonicDownloader_for_windows-live-messenger.exe a variant of Win32/SoftonicDownloader.E application cleaned by deleting - quarantined
C:\System Volume Information\_restore{554313B8-FBA9-46E5-9B34-7EF33481D27D}\RP230\A0094805.exe a variant of Win32/InstallBrain.H application cleaned by deleting - quarantined
What is thy bidding? My Master?

#4 narenxp

Posted 17 October 2012 - 10:21 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 jaysnzees

Posted 18 October 2012 - 12:00 PM

I'm attempting to run the adware cleaner. After the scan it needed to reboot and upon start up a prompt asked what program I use to open a .bat file. deleteonreboot.bat or something.

BTW, I had to disable my AVG software in order to run that; it was treated as a virus.

Thoughts?
What is thy bidding? My Master?

#6 jaysnzees

Posted 18 October 2012 - 12:02 PM

BTW, I can't run the junk removal tool either; it seems that it can't run the "get.bat" program either. So we have a file association problem of some kind? How should I proceed?
What is thy bidding? My Master?

#7 narenxp

Posted 18 October 2012 - 04:38 PM

Press the Windows+R keys, type cmd, click OK, and run this command:

assoc .bat=batfile

If you still have issues running the tools, run this registry fix:

http://www.dougknox.com/xp/fileassoc/batch_file_assoc.zip

Let me know if that helps

#8 jaysnzees

Posted 18 October 2012 - 09:26 PM

Success! At least with the BAT files...

Junkware Removal Tool (JRT) by Thisisu
Version: 1.7.5 (10.18.2012)
OS: Microsoft Windows XP x86
Ran by Family on Thu 10/18/2012 at 21:10:37.79
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values:

Successfully deleted: [VALUE] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{9e131a93-eed7-4beb-b015-a0adb30b5646}



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{000f18f2-09eb-4a59-82b2-5ae4184c39c3}
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{9e131a93-eed7-4beb-b015-a0adb30b5646}



*** Files:

Successfully deleted: [FILE] C:\Program Files\coupons\Coupons.ico
Successfully deleted: [FILE] C:\Program Files\coupons\CouponsCom.url
Successfully deleted: [FILE] C:\Program Files\coupons\uninstall.exe
Successfully deleted: [FILE] C:\WINDOWS\tasks\PC Optimizer Pro startups.job



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files\coupons"



*** FireFox detected and repaired

Successfully deleted: [npCouponPrinter.dll] from [FF plugins]
Successfully deleted: [npMozCouponPrinter.dll] from [FF plugins]
Removed the following from [PREFS.JS] :

user_pref("browser.search.defaultenginename", "Claro Search");
user_pref("browser.search.order.1", "Claro Search");
user_pref("browser.search.selectedEngine", "Claro Search");


*** Event Viewer Logs - NOT cleared





**************************************************************
Scan was completed on Thu 10/18/2012 at 21:21:37.12
End of Report


# AdwCleaner v2.005 - Logfile created 10/18/2012 at 21:01:40
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Family - DELL-GB54B81JG8
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Family\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\All Users\Application Data\pc performer manager
Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\docume~1\alluse~1\applic~1\pcperf~1\23759~1.138\{61d8b~1\pcpmngr.dll
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\24m3uttd.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\hitjag7g.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1689 octets] - [18/10/2012 21:01:40]

########## EOF - C:\AdwCleaner[S1].txt - [1749 octets] ##########

MiniToolBox by Farbar Version: 23-07-2012
Ran by Family (administrator) on 18-10-2012 at 11:27:26
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip

Error obtaining configuration for interface Local Area Connection.



popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : dell-gb54b81jg8

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.pace.com



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : gateway.pace.com

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

Physical Address. . . . . . . . . : 00-13-72-38-4E-07

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.64

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Thursday, October 18, 2012 6:12:03 AM

Lease Expires . . . . . . . . . . : Friday, October 19, 2012 6:12:03 AM

Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.225.34, 74.125.225.35, 74.125.225.36, 74.125.225.37
74.125.225.38, 74.125.225.39, 74.125.225.40, 74.125.225.41, 74.125.225.46
74.125.225.32, 74.125.225.33



Pinging google.com [74.125.225.64] with 32 bytes of data:



Reply from 74.125.225.64: bytes=32 time=18ms TTL=55

Reply from 74.125.225.64: bytes=32 time=16ms TTL=55



Ping statistics for 74.125.225.64:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 16ms, Maximum = 18ms, Average = 17ms

Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=791ms TTL=52

Reply from 72.30.38.140: bytes=32 time=560ms TTL=52



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 560ms, Maximum = 791ms, Average = 675ms

Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time=82ms TTL=128

Reply from 127.0.0.1: bytes=32 time=-82ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 82ms, Maximum = -82ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 72 38 4e 07 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.64 192.168.1.64 20
192.168.1.0 255.255.255.0 192.168.1.64 192.168.1.64 20
192.168.1.64 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.64 192.168.1.64 20
224.0.0.0 240.0.0.0 192.168.1.64 192.168.1.64 20
255.255.255.255 255.255.255.255 192.168.1.64 192.168.1.64 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/17/2012 07:38:45 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d0:ab:72@fe80::62c5:47ff:fed0:ab72._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16


System errors:
=============
Error: (10/17/2012 06:12:56 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (10/17/2012 06:12:56 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (10/17/2012 06:12:56 PM) (Source: Service Control Manager) (User: )
Description: The Zune Bus Enumerator Driver service failed to start due to the following error:
%%2

Error: (10/17/2012 11:29:57 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (10/17/2012 11:29:57 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (10/17/2012 11:29:57 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (10/17/2012 11:29:57 AM) (Source: Service Control Manager) (User: )
Description: The Zune Bus Enumerator Driver service failed to start due to the following error:
%%2

Error: (10/17/2012 10:22:37 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (10/17/2012 10:22:37 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (10/17/2012 10:22:37 AM) (Source: Service Control Manager) (User: )
Description: The Zune Bus Enumerator Driver service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (10/17/2012 07:38:45 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(60:c5:47:d0:ab:72@fe80::62c5:47ff:fed0:ab72._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17

Error: (10/17/2012 07:35:00 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16


=========================== Installed Programs ============================

7-Zip 9.20
Adobe AIR (Version: 3.4.0.2540)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
AMR to MP3 Converter 1.4
Any Audio Converter 3.3.8
Any Video Converter 3.3.4
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.2614)
AVG 2013 (Version: 13.0.2741)
AVG 2013 (Version: 2013.0.2741)
AVIcodec (remove only)
Bonjour (Version: 3.0.0.10)
Broadcom 440x 10/100 Integrated Controller (Version: 10.04.01)
CCleaner (Version: 3.14)
Cobian Backup 10
Conexant D850 56K V.9x DFVc Modem
Coupon Printer for Windows (Version: 5.0.0.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
eSupport UndeletePlus 3.0.3.521
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HP Deskjet 1050 J410 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
HP Deskjet 1050 J410 series Product Improvement Study (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Help (Version: 140.0.61.61)
HP Deskjet 2050 J510 series Product Improvement Study (Version: 22.50.231.0)
HP Photo Creations (Version: 1.0.0.3781)
HP Update (Version: 5.002.006.003)
InstaCodecs (Version: 1.0)
InstallIQ Updater (Version: 1.4.3.0)
iTunes (Version: 10.7.0.21)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Flight Simulator X (Version: 10.0.60905)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2000 SR-1 Disc 2 (Version: 9.00.3821)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WinUsb 1.0
MiniLyrics
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NoteWorthy Composer 2 (Version: Demo Version 2.1)
NoteWorthy Composer 2 Viewer (Version: Version 2.5.4)
NVIDIA Drivers (Version: 1.10.57.35)
Pando Media Booster (Version: 2.6.0.7)
Recuva (Version: 1.43)
Roxio BackOnTrack (Version: 4.0)
Roxio BackOnTrackPE (Version: 4.0)
Roxio Burn - Secure (Version: 1.6)
Roxio CinePlayer (Version: 5.6)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Creator 2011 Pro (Version: 1.3.166)
Roxio Creator 2011 Pro (Version: 13.0)
Roxio Creator 2011 Pro (Version: 6.0.0)
Roxio PhotoShow (Version: 6.0)
Roxio Video Capture USB (Version: 1.22.0000)
SavetheChildren Reminder by We-Care.com v4.1.18.4 (Version: 4.1.18.4)
SigmaTel Audio (Version: 5.10.4820.0)
SmartSound Common Data (Version: 1.1.0)
Snapple Calendar (Version: 1.0.0)
Star Trek Online
SUPERAntiSpyware (Version: 5.0.1146)
SuperMegaSpoof 2.0
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VLC media player 1.1.11 (Version: 1.1.11)
WebFldrs XP (Version: 9.50.6513)
Winamp (Version: 5.63 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
WinZip 16.5 (Version: 16.5.10095)

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 3518.42 MB
Available physical RAM: 2721.01 MB
Total Pagefile: 5400.89 MB
Available Pagefile: 4787.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.57 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:232.88 GB) (Free:156.08 GB) NTFS

========================= Users: ========================================

User accounts for \\DELL-GB54B81JG8

Administrator Family Guest
HelpAssistant Owner SUPPORT_388945a0
test

========================= Restore Points ==================================

21-07-2012 12:08:44 System Checkpoint
22-07-2012 12:25:32 System Checkpoint
23-07-2012 15:47:53 System Checkpoint
24-07-2012 14:36:27 Installed Asoftech Data Recovery
24-07-2012 15:55:12 Removed Asoftech Data Recovery
25-07-2012 22:44:41 System Checkpoint
27-07-2012 02:23:52 System Checkpoint
27-07-2012 04:20:08 Removed BabylonObjectInstaller
28-07-2012 04:51:00 System Checkpoint
29-07-2012 05:28:02 System Checkpoint
30-07-2012 05:51:02 System Checkpoint
31-07-2012 06:06:57 System Checkpoint
01-08-2012 06:25:39 System Checkpoint
02-08-2012 06:31:30 System Checkpoint
03-08-2012 09:20:38 System Checkpoint
04-08-2012 09:51:04 System Checkpoint
05-08-2012 10:50:05 System Checkpoint
06-08-2012 11:14:04 System Checkpoint
07-08-2012 11:51:09 System Checkpoint
08-08-2012 12:20:15 System Checkpoint
09-08-2012 12:30:31 System Checkpoint
10-08-2012 12:57:26 System Checkpoint
11-08-2012 13:42:14 System Checkpoint
12-08-2012 14:47:51 System Checkpoint
13-08-2012 22:06:02 System Checkpoint
15-08-2012 03:20:00 System Checkpoint
15-08-2012 09:00:37 Software Distribution Service 3.0
16-08-2012 09:30:38 System Checkpoint
17-08-2012 10:31:11 System Checkpoint
18-08-2012 11:30:37 System Checkpoint
19-08-2012 12:31:43 System Checkpoint
20-08-2012 13:29:59 System Checkpoint
21-08-2012 13:31:04 System Checkpoint
22-08-2012 14:29:59 System Checkpoint
23-08-2012 16:12:44 System Checkpoint
24-08-2012 16:30:00 System Checkpoint
25-08-2012 16:33:11 System Checkpoint
26-08-2012 18:58:33 System Checkpoint
27-08-2012 23:09:03 System Checkpoint
28-08-2012 23:42:12 System Checkpoint
30-08-2012 02:29:04 System Checkpoint
31-08-2012 02:48:13 System Checkpoint
01-09-2012 03:11:51 System Checkpoint
02-09-2012 06:23:03 System Checkpoint
03-09-2012 06:52:01 System Checkpoint
04-09-2012 09:28:08 System Checkpoint
05-09-2012 10:03:38 System Checkpoint
06-09-2012 10:51:38 System Checkpoint
07-09-2012 11:52:46 System Checkpoint
08-09-2012 12:16:06 System Checkpoint
09-09-2012 12:28:06 System Checkpoint
09-09-2012 12:55:57 Removed Java™ 7 Update 5
09-09-2012 12:56:25 Installed Java 7 Update 7
10-09-2012 13:39:25 System Checkpoint
11-09-2012 16:27:51 System Checkpoint
12-09-2012 09:00:32 Software Distribution Service 3.0
13-09-2012 09:27:38 System Checkpoint
14-09-2012 10:24:29 System Checkpoint
15-09-2012 10:52:44 System Checkpoint
16-09-2012 11:40:44 System Checkpoint
17-09-2012 11:45:03 System Checkpoint
18-09-2012 12:52:01 System Checkpoint
20-09-2012 01:46:13 System Checkpoint
21-09-2012 02:56:07 System Checkpoint
22-09-2012 04:17:07 System Checkpoint
22-09-2012 09:00:23 Software Distribution Service 3.0
23-09-2012 15:58:44 System Checkpoint
24-09-2012 23:07:32 System Checkpoint
25-09-2012 23:07:53 System Checkpoint
27-09-2012 00:06:49 System Checkpoint
28-09-2012 00:18:16 System Checkpoint
29-09-2012 13:14:54 System Checkpoint
29-09-2012 13:51:40 Removed Windows Live Upload Tool
29-09-2012 13:52:22 Removed Windows Live Sign-in Assistant
30-09-2012 14:14:05 System Checkpoint
01-10-2012 15:06:16 System Checkpoint
02-10-2012 16:06:16 System Checkpoint
05-10-2012 00:43:42 System Checkpoint
06-10-2012 04:03:58 System Checkpoint
07-10-2012 04:28:41 System Checkpoint
08-10-2012 05:14:04 System Checkpoint
09-10-2012 06:07:27 System Checkpoint
10-10-2012 06:22:20 System Checkpoint
10-10-2012 09:00:27 Software Distribution Service 3.0
10-10-2012 15:01:03 Removed AVG Free 8.5
10-10-2012 15:02:13 Installed AVG Free 8.5
10-10-2012 15:51:58 Installed AVG 2013
10-10-2012 15:52:24 Installed AVG 2013
12-10-2012 01:12:34 System Checkpoint
13-10-2012 01:16:07 System Checkpoint
14-10-2012 03:30:11 System Checkpoint
15-10-2012 04:24:05 System Checkpoint
16-10-2012 04:30:16 System Checkpoint
17-10-2012 06:14:00 System Checkpoint
18-10-2012 06:16:26 System Checkpoint

**** End of log ****

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.18.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Family :: DELL-GB54B81JG8 [administrator]

10/18/2012 9:25:37 AM
mbam-log-2012-10-18 (09-25-37).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 389485
Time elapsed: 1 hour(s), 27 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Farbar Service Scanner Version: 07-10-2012
Ran by Family (administrator) on 18-10-2012 at 11:33:12
Running from "C:\Documents and Settings\Family\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(8) Avgtdix(9) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x09000000050000000100000002000000030000000400000009000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****
What is thy bidding? My Master?

#9 narenxp

narenxp

  • BC Advisor

Posted 18 October 2012 - 09:33 PM

Do you still have Claro Search? Which browser?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#10 jaysnzees

jaysnzees
  • Topic Starter

  • Members

Posted 18 October 2012 - 10:24 PM

Yes, still have Claro as my homepage. Nothing has been changed as far as I can see.


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgui.exe"
+ "CPMonitor" "CPMonitor Application" "" "c:\program files\roxio 2011\5.0\cpmonitor.exe"
+ "Desktop Disc Tool" "Roxio Burn Launcher" "" "c:\program files\roxio 2011\roxio burn\roxioburnlauncher.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "vProt" "" "" "File not found: C:\Program Files\AVG Secure Search\vprot.exe"
+ "WinampAgent" "Winamp Agent" "Nullsoft, Inc." "c:\program files\winamp\winampa.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files\mcafee security scan\2.0.181\ssscheduler.exe"
"C:\Documents and Settings\Family\Start Menu\Programs\Startup" "" "" ""
+ "SnappleCalendar.lnk" "" "" "c:\program files\snapplecalendar\snapplecalendar.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "msnmsgr" "" "" "File not found: C:\Program Files\Windows Live\Messenger\msnmsgr.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgse.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "UltraISO" "ISOShell" "EZB Systems, Inc." "c:\program files\ultraiso\isoshell.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "00nView" "NVIDIA Desktop Explorer, Version 110.49 " "NVIDIA Corporation" "c:\windows\system32\nvshell.dll"
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgse.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "RXDCExtSvr13" "Roxio Creator Shell Extension" "Sonic Solutions" "c:\program files\roxio 2011\virtual drive\dc_shellext.dll"
+ "UltraISO" "ISOShell" "EZB Systems, Inc." "c:\program files\ultraiso\isoshell.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "PC Optimizer Pro startups.job" "" "" "File not found: C:\Program Files\PC Optimizer Pro\StartApps.exe -sm"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269" "SaibSVC Application" "" "c:\program files\roxio\backontrack\app\saibsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppMgmt" "Provides software installation services such as Assign, Publish, and Remove." "" "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BOT4Service" "" "" "c:\program files\roxio\backontrack\app\bservice.exe"
+ "cbVSCService" "Cobian Backup Boletus VSC service" "CobianSoft, Luis Cobian" "c:\program files\cobian backup 10\cbvscservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files\mcafee security scan\2.0.181\mcchsvc.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvsvc32.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RoxMediaDB13" "Roxio RoxMediaDB13 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\sharedcom\roxmediadb13.exe"
+ "RoxWatch12" "RoxWatch12 Module" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\sharedcom\roxwatch13.exe"
+ "vToolbarUpdater12.2.6" "ToolbarU Application" "" "c:\program files\common files\avg secure search\vtoolbarupdater\12.2.6\toolbarupdater.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AegisP" "AEGIS Protocol (IEEE 802.1x) v3.2.0.3" "Meetinghouse Data Communications" "c:\windows\system32\drivers\aegisp.sys"
+ "AR5523" "" "" "File not found: system32\DRIVERS\WG11TND5.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdriverx.sys"
+ "AVGIDSHX" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidshx.sys"
+ "AVGIDSShim" "AVG Technologies IDS Application Activity Monitor Shim Loader Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsshimx.sys"
+ "Avgldx86" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx86.sys"
+ "Avglogx" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avglogx.sys"
+ "Avgmfx86" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx86.sys"
+ "Avgrkx86" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx86.sys"
+ "Avgtdix" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdix.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx86.sys"
+ "bcm4sbxp" "Broadcom Corporation NDIS 5.1 ethernet driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm4sbxp.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "DNINDIS5" "PCAUSA NDIS 5.0 Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\windows\system32\dnindis5.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HSF_DP" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_dp.sys"
+ "HSFHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsfhwbs2.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "mdmxsdk" "Diagnostic Interface DRIVER" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mremp50.sys"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mresp50.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 91.48 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "nvgts" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvgts.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "SahdIa32" "Disk Filter Driver" "Sonic Solutions" "c:\windows\system32\drivers\sahdia32.sys"
+ "SaibIa32" "Disk Filter Driver" "Sonic Solutions" "c:\windows\system32\drivers\saibia32.sys"
+ "SaibVd32" "FileDisk Virtual Disk Driver" "Sonic Solutions" "c:\windows\system32\drivers\saibvd32.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "STHDA" "NDRC" "SigmaTel, Inc." "c:\windows\system32\drivers\sthda.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_cnxt.sys"
+ "zumbus" "" "" "File not found: system32\DRIVERS\zumbus.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.FFDS" "" "" "c:\windows\system32\ff_vfw.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files\instacodecs\lame.ax"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files\instacodecs\lame.ax"
+ "Sonic MP4 Demultiplexer" "MP4 Demultiplexer Direct Show Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_demux_mp4_ds.ax"
+ "Sonic MP4 Demultiplexer" "MP4 Demultiplexer Direct Show Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_demux_mp4_ds.ax"
+ "Sonic MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_demux_mp2_ds.ax"
+ "Sonic MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_demux_mp2_ds.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AMR Writer" "Roxio AMR Writer Filter" "Sonic Solutions" "c:\program files\roxio 2011\audiocodec\rxdsamrwriter.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\instacodecs\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\instacodecs\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\instacodecs\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\instacodecs\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\instacodecs\ffdshow.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Half Size to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "JX_2Dto3D_Filter" "Sonic3DConverter Dynamic Link Library" "" "c:\program files\roxio 2011\videocore\jx2dto3dfilter\jx_2dto3d_filter.ax"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files\instacodecs\lame.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio 2011\videocore\lvmwriter.ax"
+ "MainConcept (Sonic) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio 2011\videocore\sonicmcdsdv.ax"
+ "MainConcept (Sonic) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio 2011\videocore\sonicmcdsdv.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio 2011\videocore\mediaanalyser.ax"
+ "Menu Source Bitmap Filter" "Roxio Menu DShow Filter" "Sonic Solutions" "c:\program files\roxio 2011\video convert\menudshowsource13.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ROXIO AC3 (5.1) Encoder" "AC3Encoder Filter" "Sonic Solutions, Inc." "c:\program files\common files\sonic shared\plugincodecs\roxioac3encemc13.dll"
+ "Roxio AMR Splitter" "Roxio AMR Splitter Filter" "Sonic Solutions" "c:\program files\roxio 2011\audiocodec\rxdsamrsplitter.ax"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files\roxio 2011\audiocodec\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files\roxio 2011\audiocodec\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files\roxio 2011\audiocodec\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO BDAV Smart Render 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\dllshared\dcfilters13.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\dllshared\dcfilters13.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\dllshared\dcfilters13.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\dllshared\dcfilters13.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\dllshared\dcfilters13.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\dllshared\dcfilters13.dll"
+ "roxio DCFilters MPEG Transcoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\dllshared\dcfilters13.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\dllshared\dcfilters13.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\dllshared\dcfilters13.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "Roxio File Writer Wrapper" "Roxio File Writer Wrapper" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxfilewriterwrapper.ax"
+ "ROXIO FLV Splitter" "FLV Splitter" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxflvsplitter.ax"
+ "Roxio FLV Video Decoder" "Roxio FLV Decoder" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxflvdecoder.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio 2011\videocore\lvmasync.ax"
+ "ROXIO MKV Source" "MKV Splitter" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxmkvsplitter.ax"
+ "ROXIO MKV Splitter" "MKV Splitter" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxmkvsplitter.ax"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files\roxio 2011\audiocodec\rxdsmp3encoder.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\mgirawwriter.dll"
+ "Roxio RealD to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "Roxio Smart AVC Encode" "AVC/H.264 Video Encoder DirectShow Filter" "Sonic Solutions Inc." "c:\program files\common files\roxio shared\13.0\mpeg\roxiosmartavcenc.ax"
+ "Roxio Smart AVC Video Decode" "AVC/H.264 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\roxio shared\13.0\mpeg\roxiosmartavcdec.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio 2011\videocore\mginullip.ax"
+ "Roxio StereoSource Cropper" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio 2011\videocore\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO VCFHDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO Video Integrate" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "Roxio Video Rotater," "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio 2011\videocore\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio 2011\videocore\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxaudio.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio 2011\videocore\mvwcdsutil.dll"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic AAC Decoder" "AAC audio decoder filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_dec_aac_ds.ax"
+ "Sonic AAC Encoder" "AAC Encoder DirectShow Filter" "Sonic Solutions Inc." "c:\program files\roxio 2011\videocore\filters\roxio86_enc_aac_ds.ax"
+ "Sonic AMR Decoder" "AMR Decoder DirectShow Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_dec_amr_ds.ax"
+ "Sonic AMR Encoder" "AMR Encoder DirectShow Filter" "Sonic Solutions Inc." "c:\program files\roxio 2011\videocore\filters\roxio86_enc_amr_ds.ax"
+ "Sonic AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_dec_avc_ds.ax"
+ "Sonic AVC/H.264 Video Encoder" "AVC/H.264 Encoder DirectShow Filter" "Sonic Solutions Inc." "c:\program files\roxio 2011\videocore\filters\roxio86_enc_avc_ds.ax"
+ "Sonic Cinemaster® Audio Decoder 4.3" "SonicHDAudio" "Sonic Solutions" "c:\program files\roxio 2011\common\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3 (EMC13)" "CinemasterVideo" "Sonic Solutions" "c:\program files\roxio 2011\common\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files\roxio 2011\5.0\filters\sonichddemuxer.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files\roxio 2011\common\sonichddemuxer.dll"
+ "Sonic MP4 Demultiplexer" "MP4 Demultiplexer Direct Show Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_demux_mp4_ds.ax"
+ "Sonic MP4 Multiplexer" "MP4 Multiplexer Direct Show Filter" "Sonic Solutions Inc." "c:\program files\roxio 2011\videocore\filters\roxio86_mux_mp4_ds.ax"
+ "Sonic MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_demux_mp2_ds.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_dec_mp2v_ds.ax"
+ "Sonic MPEG-4 Video Decoder" "MPEG-4 Video Decoder Direct Show Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_dec_mp4v_ds.ax"
+ "Sonic Stream Parser" "MPEG-1/2 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\roxio86_demux_mp2_ds.ax"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\13.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio 2011\videocore\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio 2011\videocore\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio 2011\videocore\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio 2011\videocore\videocompositing.ax"
+ "Vorbis Decode Filter" "ogg DShow filters" "" "c:\program files\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "VW Input Selector 2" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2011\videocore\roxvideo.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgrsx.exe"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 8711 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8711lm.dll"
+ "HP 8911 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8911lm.dll"

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/18/2012 10:18:22 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/18/2012 10:19:01 PM
Execution time: 0 hours(s), 0 minute(s), and 39 seconds(s)
What is thy bidding? My Master?

#11 narenxp


Posted 18 October 2012 - 10:26 PM

Which browser?

#12 jaysnzees


Posted 19 October 2012 - 11:07 AM

Firefox Yahoo Edition 1.13
What is thy bidding? My Master?

#13 narenxp


Posted 19 October 2012 - 12:47 PM

Try this:

Export your bookmarks from Firefox:

http://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

After exporting them:

Uninstall Firefox.

Make sure to checkmark the "Remove my personal data" option.

Reinstall Firefox and import your bookmarks.

Let me know how it goes.

#14 jaysnzees


Posted 22 October 2012 - 10:37 AM

I have reinstalled like you suggested and find no evidence of the Claro search.
What is thy bidding? My Master?

#15 narenxp


Posted 22 October 2012 - 10:42 AM

That looks good.

Remove temporary and junk files

Download TFC.

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points:

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player.

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



