Computer infected?


26 replies to this topic

#1 jabbb


Posted 26 November 2012 - 07:22 AM

Hello there,
I'm writing on behalf of my girlfriend, who has been having some major problems with her PC lately (Hewlett-Packard/WinXP).
The PC has slowed down a lot in the last month and you cannot even listen to music because it seems that the computer is overheating and the songs start stopping and jumping.
But I checked in Task Manager and the processor wasn't even working at 100% and the PC wasn't hot enough to cause these sorts of problems.

So my guess is that she's been infected by some malware or virus. When she opens Google Chrome, on Task Manager you can see that there are three chrome.exe in process and the same goes with some other files.

I ask help from you guys, maybe running all those scans could sort it out.


Cheers

Jabbb



#2 Sightless


Posted 26 November 2012 - 10:53 AM

Multiple instances of Chrome.exe are normal.

Download TDSSKiller
  • Right-click it and select Run as Admin.
  • Click on Change parameters
  • Select TDLFS file system
  • Click the Scan button
  • Post the log in your next reply

    Do not change the default options on scan results.

Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it.

  • Before saving any of your security programs, rename them first. For example, before you save Malwarebytes', rename it to something like MBblah.exe and then click on Save and save it to your desktop. Same thing after you install it. Before running it, rename the main executable file first.

    Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.

    If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run.
  • Another workaround is to not use the mouse to install it; just use the arrow keys, Tab, and Enter keys.



Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here or here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.
For a complete visual tutorial of MBAM, see http://thespykiller.co.uk/index.php/topic,5946.0.html

Please include the following in your reply:
MBAM log
TDSSKiller Log
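
For triaging the TDSSKiller log requested in the reply above, a small parser, added here as an example (it is not part of the original thread and not part of TDSSKiller). It pairs each hashed image line with its verdict line and lists entries worth a second look; the sample log is constructed, and the shape of the non-"ok" line, the `TRUSTED_ROOTS` list and the function names are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample in the "time thread-id message" layout TDSSKiller writes.
# Hashes and the detection name are placeholders; the non-"ok" verdict line
# shape ("Name ( Detection ) - warning") is an assumption.
SAMPLE_LOG = r"""
19:03:41.0640 3748 Scan started
19:03:41.0640 3748 Mode: Manual; TDLFS;
19:03:45.0156 3748 System memory - ok
19:03:47.0671 3748 Abiosdsk - ok
19:03:47.0843 3748 [ 00000000000000000000000000000001 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:03:47.0875 3748 ACPI - ok
19:03:48.0100 3748 [ 00000000000000000000000000000002 ] gupdate C:\Programmi\Google\Update\GoogleUpdate.exe
19:03:48.0120 3748 gupdate - ok
19:03:48.0200 3748 [ 00000000000000000000000000000003 ] ExampleSvc C:\Documents and Settings\User\Temp\example.sys
19:03:48.0210 3748 ExampleSvc ( Example.Detection.Name ) - warning
19:03:48.0300 3748 [ 00000000000000000000000000000004 ] LastSvc C:\WINDOWS\system32\last.dll
"""

LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (\S+) (.+)$")
VERDICT = re.compile(r"^(.+?)(?: \( ([^)]+) \))? - (\w+)$")

# Assumption: directories where service images are expected on this machine.
# "C:\Programmi" is the Program Files folder on an Italian Windows XP install.
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\programmi\\")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None      # None when the service has no image line
    path: Optional[str] = None
    verdict: Optional[str] = None  # None when no verdict line was seen
    detail: Optional[str] = None   # detection name on non-"ok" lines


def parse_log(text: str) -> Dict[str, Entry]:
    """Collect one Entry per scanned object, keyed by its name."""
    entries: Dict[str, Entry] = {}
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group(1).strip()
        hashed = HASHED.match(msg)
        if hashed:
            entry = entries.setdefault(hashed.group(2), Entry(hashed.group(2)))
            entry.md5, entry.path = hashed.group(1).upper(), hashed.group(3)
            continue
        verdict = VERDICT.match(msg)
        if verdict:
            entry = entries.setdefault(verdict.group(1), Entry(verdict.group(1)))
            entry.verdict, entry.detail = verdict.group(3).lower(), verdict.group(2)
    return entries


def needs_review(entries: Dict[str, Entry]) -> Dict[str, List[str]]:
    """Return {name: [reasons]} for entries a helper should look at first."""
    findings: Dict[str, List[str]] = {}
    for entry in entries.values():
        reasons = []
        if entry.md5 and entry.verdict is None:
            # A hash line without its verdict usually means a truncated paste.
            reasons.append("no verdict line (log cut off?)")
        elif entry.verdict not in (None, "ok"):
            suffix = f": {entry.detail}" if entry.detail else ""
            reasons.append(f"verdict {entry.verdict}{suffix}")
        if entry.path and not entry.path.lower().startswith(TRUSTED_ROOTS):
            # A prompt to check the file, not a detection: legitimate
            # software can install service images elsewhere.
            reasons.append("image outside trusted roots")
        if reasons:
            findings[entry.name] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in needs_review(parse_log(SAMPLE_LOG)).items():
        print(f"{name}: {'; '.join(reasons)}")
```
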

#3 jabbb


Posted 26 November 2012 - 12:24 PM

TDSSKiller report:
19:04:55.0078 3748 SkypeUpdate - ok
19:04:55.0125 3748 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:04:55.0125 3748 SLIP - ok
19:04:55.0484 3748 [ A12BE6B3F784BD66110EFC649F31038B ] SNP325 C:\WINDOWS\system32\DRIVERS\snp325.sys
19:04:56.0359 3748 SNP325 - ok
19:04:56.0375 3748 Sparrow - ok
19:04:56.0453 3748 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:04:56.0453 3748 splitter - ok
19:04:56.0500 3748 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:04:56.0515 3748 Spooler - ok
19:04:56.0593 3748 [ 618718CAE288BF7CBD8FCBAB2577D932 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:04:56.0609 3748 sr - ok
19:04:56.0625 3748 [ B3E3DA70A7A76E69B872DE3D06D32C19 ] srservice C:\WINDOWS\system32\srsvc.dll
19:04:56.0625 3748 srservice - ok
19:04:56.0703 3748 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:04:56.0718 3748 Srv - ok
19:04:56.0781 3748 [ 5215569DD3A8FBC65A85E85F3C12258B ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:04:56.0781 3748 SSDPSRV - ok
19:04:56.0843 3748 [ 3B9263E137896E4D303494F116E00608 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:04:56.0843 3748 stisvc - ok
19:04:56.0875 3748 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:04:56.0875 3748 streamip - ok
19:04:56.0921 3748 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:04:56.0921 3748 swenum - ok
19:04:56.0937 3748 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:04:56.0937 3748 swmidi - ok
19:04:56.0937 3748 SwPrv - ok
19:04:56.0953 3748 symc810 - ok
19:04:56.0953 3748 symc8xx - ok
19:04:56.0968 3748 sym_hi - ok
19:04:56.0984 3748 sym_u3 - ok
19:04:57.0031 3748 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:04:57.0031 3748 sysaudio - ok
19:04:57.0046 3748 [ A34A9A872EEC4C026FD542AC7156FE0B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:04:57.0062 3748 SysmonLog - ok
19:04:57.0156 3748 [ 6B85F1A9DCE45D45BFFAD3222C21F297 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:04:57.0156 3748 TapiSrv - ok
19:04:57.0218 3748 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:04:57.0218 3748 Tcpip - ok
19:04:57.0265 3748 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:04:57.0265 3748 TDPIPE - ok
19:04:57.0296 3748 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:04:57.0296 3748 TDTCP - ok
19:04:57.0328 3748 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:04:57.0328 3748 TermDD - ok
19:04:57.0359 3748 [ FE5A5329CCFC33D645C33077FF04F052 ] TermService C:\WINDOWS\System32\termsrv.dll
19:04:57.0359 3748 TermService - ok
19:04:57.0390 3748 [ DCCC606FC144F6E44E497F9A906F1C30 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:04:57.0390 3748 Themes - ok
19:04:57.0421 3748 [ 2FFF150EA4396956F10B66211687F335 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:04:57.0437 3748 TlntSvr - ok
19:04:57.0437 3748 TosIde - ok
19:04:57.0468 3748 [ 690294999DF1248FAF85D95B31955D0C ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:04:57.0484 3748 TrkWks - ok
19:04:57.0500 3748 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:04:57.0500 3748 Udfs - ok
19:04:57.0515 3748 UIUSys - ok
19:04:57.0515 3748 ultra - ok
19:04:57.0609 3748 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:04:57.0625 3748 Update - ok
19:04:57.0687 3748 [ 8057B0744D9842A090E51D2845861D5F ] upnphost C:\WINDOWS\System32\upnphost.dll
19:04:57.0687 3748 upnphost - ok
19:04:57.0718 3748 [ F5E8B846EC10E1DF8DCA64119E2EB709 ] UPS C:\WINDOWS\System32\ups.exe
19:04:57.0718 3748 UPS - ok
19:04:57.0765 3748 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:04:57.0765 3748 usbccgp - ok
19:04:57.0796 3748 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:04:57.0796 3748 usbehci - ok
19:04:57.0828 3748 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:04:57.0828 3748 usbhub - ok
19:04:57.0875 3748 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:04:57.0875 3748 usbprint - ok
19:04:57.0921 3748 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:04:57.0921 3748 USBSTOR - ok
19:04:57.0937 3748 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:04:57.0937 3748 usbuhci - ok
19:04:57.0984 3748 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:04:57.0984 3748 VgaSave - ok
19:04:58.0000 3748 ViaIde - ok
19:04:58.0031 3748 [ E46C1B5A56DA7DA603D09DFCC79EC59E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:04:58.0031 3748 VolSnap - ok
19:04:58.0078 3748 [ C2FE17125256102F5B44194D5DB0A799 ] VSS C:\WINDOWS\System32\vssvc.exe
19:04:58.0093 3748 VSS - ok
19:04:58.0125 3748 [ 2969DD84B584A6BB541A5273103957A3 ] W32Time C:\WINDOWS\system32\w32time.dll
19:04:58.0125 3748 W32Time - ok
19:04:58.0140 3748 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:04:58.0140 3748 Wanarp - ok
19:04:58.0140 3748 WDICA - ok
19:04:58.0156 3748 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:04:58.0156 3748 wdmaud - ok
19:04:58.0218 3748 [ 2EC50EE79B65F60C8E8B4A03BBB3A42F ] WebClient C:\WINDOWS\System32\webclnt.dll
19:04:58.0218 3748 WebClient - ok
19:04:58.0312 3748 [ 40911E98D0F1CBB1015F2101982F1DDF ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:04:58.0328 3748 winmgmt - ok
19:04:58.0390 3748 [ 74D92D14580FE46FC5A57957C8CC038F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
19:04:58.0421 3748 WinRM - ok
19:04:58.0468 3748 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
19:04:58.0484 3748 WmdmPmSN - ok
19:04:58.0546 3748 [ F63CB6DBE268EA0620C67A90CF43885E ] Wmi C:\WINDOWS\System32\advapi32.dll
19:04:58.0546 3748 Wmi - ok
19:04:58.0562 3748 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
19:04:58.0562 3748 WmiAcpi - ok
19:04:58.0625 3748 [ 81FD02839FDB10ACF0EC40B809B9F8CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:04:58.0625 3748 WmiApSrv - ok
19:04:58.0687 3748 [ F30DC8F80CF65A323E8B6A2DB81561E3 ] WMPNetworkSvc C:\Programmi\Windows Media Player\WMPNetwk.exe
19:04:58.0703 3748 WMPNetworkSvc - ok
19:04:58.0750 3748 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:04:58.0750 3748 WpdUsb - ok
19:04:58.0765 3748 [ 926D921C93CFF1E19EF4DE3E4C8368CA ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:04:58.0781 3748 wscsvc - ok
19:04:58.0812 3748 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:04:58.0812 3748 WSTCODEC - ok
19:04:58.0859 3748 [ CC48415E6C7CBAA441A3D6A6DCCBCFA6 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:04:58.0859 3748 wuauserv - ok
19:04:58.0875 3748 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:04:58.0875 3748 WudfPf - ok
19:04:58.0890 3748 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:04:58.0890 3748 WudfRd - ok
19:04:58.0921 3748 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:04:58.0921 3748 WudfSvc - ok
19:04:58.0937 3748 [ 053E0307A08CAC60793E27E921B46B3E ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:04:58.0953 3748 WZCSVC - ok
19:04:58.0984 3748 [ 5526482DCBA6047641B13BF9C75A74E0 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:04:58.0984 3748 xmlprov - ok
19:04:59.0000 3748 ================ Scan global ===============================
19:04:59.0062 3748 [ 17DDFE6A0B5404C5EF4C03AD996D0562 ] C:\WINDOWS\system32\basesrv.dll
19:04:59.0109 3748 [ 7B39F8912DF2C266411F7248EC250AE6 ] C:\WINDOWS\system32\winsrv.dll
19:04:59.0125 3748 [ 7B39F8912DF2C266411F7248EC250AE6 ] C:\WINDOWS\system32\winsrv.dll
19:04:59.0140 3748 [ 26845F272435302E0F3322E660A24F7D ] C:\WINDOWS\system32\services.exe
19:04:59.0140 3748 [Global] - ok
19:04:59.0140 3748 ================ Scan MBR ==================================
19:04:59.0171 3748 [ 828E02D5C4A4FBE53441EE9DBEE51F43 ] \Device\Harddisk0\DR0
19:05:00.0265 3748 \Device\Harddisk0\DR0 - ok
19:05:00.0265 3748 ================ Scan VBR ==================================
19:05:00.0265 3748 [ 4E62AD9183B9DE47733D9CAC184C33DE ] \Device\Harddisk0\DR0\Partition1
19:05:00.0265 3748 \Device\Harddisk0\DR0\Partition1 - ok
19:05:00.0265 3748 ============================================================
19:05:00.0265 3748 Scan finished
19:05:00.0265 3748 ============================================================
19:05:00.0281 2772 Detected object count: 0
19:05:00.0281 2772 Actual detected object count: 0


MBAM:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Versione database: v2012.11.26.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Administrator :: UTENTE-CCDDFEA0 [amministratore]

26/11/2012 19.12.38
mbam-log-2012-11-26 (19-12-38).txt

Tipo di scansione: Scansione veloce
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 204510
Tempo impiegato: 10 minuti, 51 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)

#4 Sightless

Posted 26 November 2012 - 12:33 PM

Let's try an ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Check Remove found threats and Scan potentially unwanted applications (If given the option, choose "Quarantine" instead of delete.)
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

Please include the following in your reply
ESET log
Any questions/comments you may have

#5 jabbb

Posted 28 November 2012 - 07:43 PM

ESET found one thing:
C:\WINDOWS\FixCamera.exe a variant of Win32/KillProc.A application cleaned by deleting - quarantined

#6 Sightless

Posted 28 November 2012 - 07:46 PM

Is it running any better?

Edited by Sightless, 28 November 2012 - 07:47 PM.


#7 jabbb

Posted 29 November 2012 - 04:31 AM

I will let you know after I've made a few tries. Was I supposed to delete the ESET program after the scan?

#8 Sightless

Posted 29 November 2012 - 10:45 AM

You can, but it's not necessary.

#9 jabbb

Posted 30 November 2012 - 06:40 AM

Unfortunately the PC performance hasn't got any better.
On IE you can watch videos and listen to music, but for normal browsing it is painfully slow, whereas Google Chrome is faster, but if you wanna listen to music or watch videos the audio starts crackling.
I checked on task manager and the CPU usage wasn't even close to 100%.
I cannot figure out what could be the cause for this problem.

#10 Sightless

Posted 30 November 2012 - 11:40 AM

Please download AdwCleaner by Xplode to your desktop.
  • Make sure all programs are closed
  • Double-click adwcleaner.exe
  • Click Delete
  • Press OK when prompted
  • Restart your computer when asked
  • Copy and paste the contents of the text file that opens after your computer restarts into a reply to this thread. (The log is also saved to C:\AdwCleaner[S1].txt)

Download and run MiniToolBox.

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

Click Go and post the result.

#11 jabbb

Posted 01 December 2012 - 09:25 AM

adwcleaner:

# AdwCleaner v2.010 - Logfile creato il 01/12/2012 alle 16:24:16
# Aggiornamento 29/11/2012 by Xplode
# Sistema Operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Utente : Administrator - UTENTE-CCDDFEA0
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Opzioni [Cerca]


***** [Servizi] *****


***** [File / Cartelle] *****

Cartella Trovato : C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\AskSearch
Cartella Trovato : C:\Documents and Settings\Administrator\Dati applicazioni\SogouExplorer
File Trovato : C:\Programmi\Mozilla Firefox\.autoreg

***** [Registro] *****

Chiave Trovata : HKCU\Software\Conduit
Chiave Trovata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Chiave Trovata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chiave Trovata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chiave Trovata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Chiave Trovata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chiave Trovata : HKCU\Software\Softonic
Chiave Trovata : HKCU\Software\TENCENT
Chiave Trovata : HKLM\SOFTWARE\Classes\Toolbar.CT2567691
Chiave Trovata : HKLM\Software\TENCENT
Chiave Trovata : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chiave Trovata : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chiave Trovata : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chiave Trovata : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chiave Trovata : HKU\S-1-5-21-1085031214-1935655697-1417001333-500\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Chiave Trovata : HKU\S-1-5-21-1085031214-1935655697-1417001333-500\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chiave Trovata : HKU\S-1-5-21-1085031214-1935655697-1417001333-500\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chiave Trovata : HKU\S-1-5-21-1085031214-1935655697-1417001333-500\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Valore Trovata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valore Trovata : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]

***** [Browser Internet] *****

-\\ Internet Explorer v7.0.5730.13

[OK] Registro Pulito.

*************************

AdwCleaner[R1].txt - [3016 octets] - [01/12/2012 16:22:31]
AdwCleaner[R2].txt - [2947 octets] - [01/12/2012 16:24:16]

########## EOF - C:\AdwCleaner[R2].txt - [3007 octets] ##########

#12 jabbb

Posted 01 December 2012 - 09:34 AM

OK, so after the restart I got a new report; not sure if the content is the same:

# AdwCleaner v2.010 - Logfile creato il 01/12/2012 alle 16:24:38
# Aggiornamento 29/11/2012 by Xplode
# Sistema Operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Utente : Administrator - UTENTE-CCDDFEA0
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Opzioni [Elimina]


***** [Servizi] *****


***** [File / Cartelle] *****

Cartella Eliminato : C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\AskSearch
Cartella Eliminato : C:\Documents and Settings\Administrator\Dati applicazioni\SogouExplorer
File Eliminato : C:\Programmi\Mozilla Firefox\.autoreg

***** [Registro] *****

Chiave Eliminata : HKCU\Software\Conduit
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chiave Eliminata : HKCU\Software\Softonic
Chiave Eliminata : HKCU\Software\TENCENT
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar.CT2567691
Chiave Eliminata : HKLM\Software\TENCENT
Chiave Eliminata : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chiave Eliminata : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chiave Eliminata : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valore Eliminata : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]

***** [Browser Internet] *****

-\\ Internet Explorer v7.0.5730.13

[OK] Registro Pulito.

*************************

AdwCleaner[R1].txt - [3016 octets] - [01/12/2012 16:22:31]
AdwCleaner[R2].txt - [3076 octets] - [01/12/2012 16:24:16]
AdwCleaner[S1].txt - [2297 octets] - [01/12/2012 16:24:38]

########## EOF - C:\AdwCleaner[S1].txt - [2357 octets] ##########

#13 jabbb

Posted 01 December 2012 - 09:36 AM

minitoolbox:

MiniToolBox by Farbar Version: 25-11-2012
Ran by Administrator (administrator) on 01-12-2012 at 16:35:13
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Configurazione IP di Windows



Svuotata la cache del resolver DNS.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

WLAN Broadcom 802.11b/g = Connessione rete senza fili (Connected)
Intel® 82562GT 10/100 Network Connection = Connessione alla rete locale (LAN) (Media disconnected)


# ----------------------------------
# Configurazione IP interfaccia
# ----------------------------------
pushd interface ip


# Configurazione IP interfaccia per "Connessione rete senza fili"

set address name="Connessione rete senza fili" source=dhcp
set dns name="Connessione rete senza fili" source=dhcp register=PRIMARY
set wins name="Connessione rete senza fili" source=dhcp

# Configurazione IP interfaccia per "Connessione alla rete locale (LAN)"

set address name="Connessione alla rete locale (LAN)" source=dhcp
set dns name="Connessione alla rete locale (LAN)" source=dhcp register=PRIMARY
set wins name="Connessione alla rete locale (LAN)" source=dhcp


popd
# Termine della configurazione IP interfaccia




Configurazione IP di Windows



Nome host . . . . . . . . . . . . . . : utente-ccddfea0

Suffisso DNS primario . . . . . . . :

Tipo nodo . . . . . . . . . : Sconosciuto

Routing IP abilitato. . . . . . . . . : No

Proxy WINS abilitato . . . . . . . . : No



Scheda Ethernet Connessione rete senza fili:



Suffisso DNS specifico per connessione:

Descrizione . . . . . . . . . . . . . : WLAN Broadcom 802.11b/g

Indirizzo fisico. . . . . . . . . . . : 00-21-00-19-25-ED

DHCP abilitato. . . . . . . . . . . . : Sì

Configurazione automatica abilitata : Sì

Indirizzo IP. . . . . . . . . . . . . : 192.168.0.10

Subnet mask . . . . . . . . . . . . . : 255.255.255.0

Gateway predefinito . . . . . . . . . : 192.168.0.1

Server DHCP . . . . . . . . . . . . . : 192.168.0.1

Server DNS . . . . . . . . . . . . . : 62.241.198.245

62.241.198.246

Lease ottenuto. . . . . . . . . . . . : sabato 1 dicembre 2012 16.27.09

Scadenza lease . . . . . . . . . . . : sabato 8 dicembre 2012 16.27.09



Scheda Ethernet Connessione alla rete locale (LAN):



Stato supporto . . . . . . . . . . . : Supporto disconnesso

Descrizione . . . . . . . . . . . . . : Intel® 82562GT 10/100 Network Connection

Indirizzo fisico. . . . . . . . . . . : 00-1F-29-89-BB-04

Server: resolver1.dnaip.fi
Address: 62.241.198.245

Nome: google.com
Addresses: 173.194.32.34, 173.194.32.35, 173.194.32.36, 173.194.32.37
173.194.32.38, 173.194.32.39, 173.194.32.40, 173.194.32.41, 173.194.32.46
173.194.32.32, 173.194.32.33



Esecuzione di Ping google.com [173.194.32.32] con 32 byte di dati:



Risposta da 173.194.32.32: byte=32 durata=14ms TTL=57

Risposta da 173.194.32.32: byte=32 durata=16ms TTL=57



Statistiche Ping per 173.194.32.32:

Pacchetti: Trasmessi = 2, Ricevuti = 2, Persi = 0 (0% persi),

Tempo approssimativo percorsi andata/ritorno in millisecondi:

Minimo = 14ms, Massimo = 16ms, Medio = 15ms

Server: resolver1.dnaip.fi
Address: 62.241.198.245

Nome: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24



Esecuzione di Ping yahoo.com [98.139.183.24] con 32 byte di dati:



Richiesta scaduta.

Risposta da 98.139.183.24: byte=32 durata=247ms TTL=47



Statistiche Ping per 98.139.183.24:

Pacchetti: Trasmessi = 2, Ricevuti = 1, Persi = 1 (50% persi),

Tempo approssimativo percorsi andata/ritorno in millisecondi:

Minimo = 247ms, Massimo = 247ms, Medio = 247ms



Esecuzione di Ping 127.0.0.1 con 32 byte di dati:



Risposta da 127.0.0.1: byte=32 durata<1ms TTL=64

Risposta da 127.0.0.1: byte=32 durata<1ms TTL=64



Statistiche Ping per 127.0.0.1:

Pacchetti: Trasmessi = 2, Ricevuti = 2, Persi = 0 (0% persi),

Tempo approssimativo percorsi andata/ritorno in millisecondi:

Minimo = 0ms, Massimo = 0ms, Medio = 0ms

===========================================================================
Elenco interfacce
0x1 ........................... MS TCP Loopback interface
0x2 ...00 21 00 19 25 ed ...... WLAN Broadcom 802.11b/g - Miniport dell'Utilità di pianificazione pacchetti
0x3 ...00 1f 29 89 bb 04 ...... Intel® 82562GT 10/100 Network Connection - Miniport dell'Utilità di pianificazione pacchetti
===========================================================================
===========================================================================
Route attive:
Indirizzo rete Mask Gateway Interfac. Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.10 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.10 192.168.0.10 25
192.168.0.10 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.0.255 255.255.255.255 192.168.0.10 192.168.0.10 25
224.0.0.0 240.0.0.0 192.168.0.10 192.168.0.10 25
255.255.255.255 255.255.255.255 192.168.0.10 3 1
255.255.255.255 255.255.255.255 192.168.0.10 192.168.0.10 1
Gateway predefinito: 192.168.0.1
===========================================================================
Route permanenti:
Nessuno
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)

**** End of log ****

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:54 AM

Posted 01 December 2012 - 09:46 PM

Hello, I will take this now, as Sightless has moved into our Malware training program.

Please run JRT...
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Also rerun MiniToolBox with only these checked.

  • Flush DNS
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Now, please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.


Lastly, aswMBR: if asked to click FIX or FixMBR, do so.
Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

How is it running now?

#15 jabbb

Posted 10 December 2012 - 12:37 PM

Alright we're back
JRT report:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.8.5 (12.05.2012:1)
OS: Microsoft Windows XP x86
Ran by Administrator on 10/12/2012 at 19.26.55,90
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Dati applicazioni\tencent"
Successfully deleted: [Folder] "C:\Programmi\tencent"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\firefox\profiles\cbol67vh.default\user.js
Successfully deleted: [File] C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\firefox\profiles\cbol67vh.default\searchplugins\conduit.xml
Successfully deleted the following from C:\Documents and Settings\Administrator\Dati applicazioni\mozilla\firefox\profiles\cbol67vh.default\prefs.js

user_pref("CT2653012.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
user_pref("CT2653012.CTID", "CT2653012");
user_pref("CT2653012.CurrentServerDate", "28-10-2010");
user_pref("CT2653012.DialogsAlignMode", "LTR");
user_pref("CT2653012.DownloadReferralCookieData", "");
user_pref("CT2653012.FirstServerDate", "25-9-2010");
user_pref("CT2653012.FirstTime", true);
user_pref("CT2653012.FirstTimeFF3", true);
user_pref("CT2653012.FirstTimeSettingsDone", true);
user_pref("CT2653012.FixPageNotFoundErrors", true);
user_pref("CT2653012.GroupingServerCheckInterval", 1440);
user_pref("CT2653012.GroupingServiceUrl", "http://grouping.services.conduit.com/");
user_pref("CT2653012.Initialize", true);
user_pref("CT2653012.InitializeCommonPrefs", true);
user_pref("CT2653012.InstallationAndCookieDataSentCount", 3);
user_pref("CT2653012.InstalledDate", "Sat Sep 25 2010 01:24:20 GMT+0200 (ora legale Europa occidentale)");
user_pref("CT2653012.IsGrouping", false);
user_pref("CT2653012.IsMulticommunity", false);
user_pref("CT2653012.IsOpenThankYouPage", true);
user_pref("CT2653012.IsOpenUninstallPage", true);
user_pref("CT2653012.LanguagePackLastCheckTime", "Thu Oct 28 2010 16:19:50 GMT+0200 (ora legale Europa occidentale)");
user_pref("CT2653012.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2653012.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
user_pref("CT2653012.LastLogin_2.7.1.3", "Thu Oct 28 2010 16:19:49 GMT+0200 (ora legale Europa occidentale)");
user_pref("CT2653012.LatestVersion", "2.7.2.0");
user_pref("CT2653012.Locale", "en");
user_pref("CT2653012.LoginCache", 4);
user_pref("CT2653012.MCDetectTooltipHeight", "83");
user_pref("CT2653012.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2653012.MCDetectTooltipWidth", "295");
user_pref("CT2653012.SHRINK_TOOLBAR", 1);
user_pref("CT2653012.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2653012&octid=EB_ORIGINAL_CTID&SearchSource=1");
user_pref("CT2653012.SearchFromAddressBarIsInit", true);
user_pref("CT2653012.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&q=");
user_pref("CT2653012.SearchInNewTabEnabled", true);
user_pref("CT2653012.SearchInNewTabIntervalMM", 1440);
user_pref("CT2653012.SearchInNewTabLastCheckTime", "Thu Oct 28 2010 16:19:48 GMT+0200 (ora legale Europa occidentale)");
user_pref("CT2653012.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2653012.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2653012.SettingsCheckIntervalMin", 120);
user_pref("CT2653012.SettingsLastCheckTime", "Thu Oct 28 2010 16:19:47 GMT+0200 (ora legale Europa occidentale)");
user_pref("CT2653012.SettingsLastUpdate", "1285580322");
user_pref("CT2653012.ThirdPartyComponentsInterval", 504);
user_pref("CT2653012.ThirdPartyComponentsLastCheck", "Mon Oct 18 2010 11:35:25 GMT+0200 (ora legale Europa occidentale)");
user_pref("CT2653012.ThirdPartyComponentsLastUpdate", "1246790578");
user_pref("CT2653012.TrusteLinkUrl", "http://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
user_pref("CT2653012.UserID", "UN45605821489907594");
user_pref("CT2653012.ValidationData_Toolbar", 2);
user_pref("CT2653012.WeatherNetwork", "");
user_pref("CT2653012.WeatherPollDate", "Thu Oct 28 2010 16:19:50 GMT+0200 (ora legale Europa occidentale)");
user_pref("CT2653012.WeatherUnit", "C");
user_pref("CT2653012.alertChannelId", "1045667");
user_pref("CT2653012.clientLogIsEnabled", true);
user_pref("CT2653012.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2653012.components.1000234", true);
user_pref("CT2653012.myStuffEnabled", true);
user_pref("CT2653012.myStuffPublihserMinWidth", 400);
user_pref("CT2653012.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2653012.myStuffServiceIntervalMM", 1440);
user_pref("CT2653012.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2653012.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CommunityToolbar.MiniIPageGadgetPosition.http://www.veoh.com/qlipso", "-231x6");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
user_pref("CommunityToolbar.ToolbarsList", "CT2653012");
user_pref("CommunityToolbar.ToolbarsList2", "CT2653012");
user_pref("CommunityToolbar.alert.alertInfoInterval", 720);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Oct 28 2010 16:19:47 GMT+0200 (ora legale Europa occidentale)");
user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Oct 28 2010 16:19:47 GMT+0200 (ora legale Europa occidentale)");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1283688156");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "{ff30bdd9-8172-4c85-bb5c-87b6ef777f10}");
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2653012");
user_pref("browser.search.defaultthis.engineName", "Veoh Web Player Customized Web Search");
user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}");
user_pref("browser.search.selectedEngine", "Veoh Web Player Customized Web Search");
user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&q=");
user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
user_pref("weboftrust.search.baidu.display", "Baidu");
user_pref("weboftrust.search.baidu.ign", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*baidu\\.com\\/");
user_pref("weboftrust.search.baidu.prestyle", "[ATTR] { position: absolute; visibility: hidden; }");
user_pref("weboftrust.search.baidu.style", ".f a ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 2px; position: relative; visibility: visible; }");
user_pref("weboftrust.search.baidu.url", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*baidu\\.com\\/s\\\\?.+");
user_pref("weboftrust.search.dogpile.display", "Dogpile");
user_pref("weboftrust.search.dogpile.ign", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*dogpile\\.com\\/|^http\\:\\/\\/(.+\\.)?r\\.msn\\.com\\/");
user_pref("weboftrust.search.dogpile.pre0.match", 3);
user_pref("weboftrust.search.dogpile.pre0.re", "^http(s)?\\:\\/\\/cs\\.(dogpile|infospace)\\.com\\/ClickHandler.+ru=(http[^&]+)");
user_pref("weboftrust.search.dogpile.prestyle", ".paidSearchResult [ATTR] { display: none ! important; } .searchResultsPane { max-width: 44.08em; } [ATTR] { position: absolute; visibility: hidden; }")
user_pref("weboftrust.search.dogpile.style", "a.resultTitle ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 2px; padding-bottom: 1px; position: relative; visibility: visible;
user_pref("weboftrust.search.dogpile.url", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*dogpile\\.com\\/(info\\.[^\\/]+/)?(search\\/)?web.+");
user_pref("weboftrust.search.ixquick.display", "Ixquick");
user_pref("weboftrust.search.ixquick.ign", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*(ixquick|startpage|startingpage)\\.com\\/?");
user_pref("weboftrust.search.ixquick.pre0.match", 6);
user_pref("weboftrust.search.ixquick.pre0.re", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)?google\\.(com?\\.[a-z]{2}|[a-z]{2,})\\/(url|pagead|interstitial|aclk).*\\\\?.*(q|adurl|url)=(.+)(&.*)?");
user_pref("weboftrust.search.ixquick.pre1.match", 4);
user_pref("weboftrust.search.ixquick.pre1.re", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*(ixquick|startpage|startingpage)\\.com\\/do\\/highlight.*&u=(http[^&]*)");
user_pref("weboftrust.search.ixquick.prestyle", "[ATTR] { position: absolute; visibility: hidden; }");
user_pref("weboftrust.search.ixquick.style", "a.title ~ [ATTR=\"NAME\"], a.title2 ~ [ATTR=\"NAME\"], .result h3 > a ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 2px; positi
user_pref("weboftrust.search.ixquick.url", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*(ixquick|startpage|startingpage)\\.com\\/do\\/(meta)?search");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/12/2012 at 19.31.35,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



