Startup.Incredibar


9 replies to this topic

#1 knigtbird

Posted 01 December 2012 - 09:52 AM

I've been infected with the 'Startup.Incredibar' virus/trojan/malware. Despite repeated attempts to get rid of it, the Incredibar still persists. I can't seem to access my own system startup; instead I get: 'Application failed to initialize:0x800106ba. A problem caused this programs service to stop.' and it has erased my search engine on Chrome. Although Chrome now seems clear, Incredibar has now taken up residence on Firefox, with its usual redirects and ad pop-ups; the best redirect being to a site that offers to remove Incredibar for a mere 49 dollars, real slick, lol

*Moderator Edit: Moved topic from Vista to the more appropriate forum. ~ Queen-Evie*

Edited by Queen-Evie, 01 December 2012 - 10:37 AM.



#2 narenxp

Posted 01 December 2012 - 12:25 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 knigtbird

Posted 05 December 2012 - 03:02 PM

TDSSkiller log:

13:09:29.0304 3396 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:09:29.0308 3396 PlugPlay - ok
13:09:29.0338 3396 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
13:09:29.0345 3396 PNRPAutoReg - ok
13:09:29.0416 3396 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
13:09:29.0423 3396 PNRPsvc - ok
13:09:29.0478 3396 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:09:29.0483 3396 PolicyAgent - ok
13:09:29.0523 3396 [ 6C359AC71D7B550A0D41F9DB4563CE05 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:09:29.0525 3396 PptpMiniport - ok
13:09:29.0550 3396 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
13:09:29.0552 3396 Processor - ok
13:09:29.0578 3396 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
13:09:29.0581 3396 ProfSvc - ok
13:09:29.0591 3396 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:09:29.0593 3396 ProtectedStorage - ok
13:09:29.0651 3396 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
13:09:29.0652 3396 PSched - ok
13:09:29.0738 3396 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:09:29.0772 3396 ql2300 - ok
13:09:29.0791 3396 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:09:29.0794 3396 ql40xx - ok
13:09:29.0827 3396 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
13:09:29.0831 3396 QWAVE - ok
13:09:29.0853 3396 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:09:29.0854 3396 QWAVEdrv - ok
13:09:29.0928 3396 [ D319343661F7FEBFB6F43C453C26E779 ] RalinkRegistryWriter C:\Program Files\Ralink\Common\RaRegistry.exe
13:09:29.0933 3396 RalinkRegistryWriter - ok
13:09:30.0087 3396 [ 3AF684252780CF87DC2809F85B8F7591 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys
13:09:30.0093 3396 RapportCerberus_43926 - ok
13:09:30.0192 3396 [ E59302E32009F38A24AB573B039D8F21 ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
13:09:30.0195 3396 RapportEI - ok
13:09:30.0247 3396 [ 35199EC35EDC7DCBA71FDA711DFB05C0 ] RapportIaso c:\programdata\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys
13:09:30.0248 3396 RapportIaso - ok
13:09:30.0262 3396 [ 25BFCB71DE17B2DE56800219F8E80959 ] RapportKELL C:\Windows\system32\Drivers\RapportKELL.sys
13:09:30.0265 3396 RapportKELL - ok
13:09:30.0340 3396 [ 4D7B30001787A7E36B899BE4693C8769 ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
13:09:30.0376 3396 RapportMgmtService - ok
13:09:30.0440 3396 [ 0DE51300C256DE1206EE892521764C76 ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
13:09:30.0445 3396 RapportPG - ok
13:09:30.0476 3396 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:09:30.0477 3396 RasAcd - ok
13:09:30.0525 3396 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
13:09:30.0529 3396 RasAuto - ok
13:09:30.0547 3396 [ 88587DD843E2059848995B407B67F6CF ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:09:30.0548 3396 Rasl2tp - ok
13:09:30.0577 3396 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
13:09:30.0581 3396 RasMan - ok
13:09:30.0619 3396 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:09:30.0623 3396 RasPppoe - ok
13:09:30.0681 3396 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:09:30.0692 3396 rdbss - ok
13:09:30.0708 3396 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:09:30.0709 3396 RDPCDD - ok
13:09:30.0741 3396 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
13:09:30.0744 3396 rdpdr - ok
13:09:30.0752 3396 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:09:30.0754 3396 RDPENCDD - ok
13:09:30.0791 3396 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:09:30.0794 3396 RDPWD - ok
13:09:30.0861 3396 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
13:09:30.0864 3396 RemoteAccess - ok
13:09:30.0889 3396 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:09:30.0893 3396 RemoteRegistry - ok
13:09:30.0938 3396 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
13:09:30.0941 3396 RpcLocator - ok
13:09:30.0970 3396 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
13:09:30.0977 3396 RpcSs - ok
13:09:31.0012 3396 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:09:31.0014 3396 rspndr - ok
13:09:31.0047 3396 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
13:09:31.0049 3396 SamSs - ok
13:09:31.0070 3396 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:09:31.0073 3396 sbp2port - ok
13:09:31.0132 3396 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:09:31.0136 3396 SCardSvr - ok
13:09:31.0206 3396 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
13:09:31.0229 3396 Schedule - ok
13:09:31.0252 3396 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:09:31.0253 3396 SCPolicySvc - ok
13:09:31.0274 3396 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:09:31.0278 3396 SDRSVC - ok
13:09:31.0290 3396 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:09:31.0292 3396 secdrv - ok
13:09:31.0307 3396 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
13:09:31.0314 3396 seclogon - ok
13:09:31.0323 3396 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\system32\sens.dll
13:09:31.0326 3396 SENS - ok
13:09:31.0346 3396 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
13:09:31.0347 3396 Serenum - ok
13:09:31.0363 3396 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
13:09:31.0365 3396 Serial - ok
13:09:31.0385 3396 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:09:31.0386 3396 sermouse - ok
13:09:31.0453 3396 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
13:09:31.0456 3396 SessionEnv - ok
13:09:31.0471 3396 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:09:31.0473 3396 sffdisk - ok
13:09:31.0486 3396 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:09:31.0488 3396 sffp_mmc - ok
13:09:31.0513 3396 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:09:31.0514 3396 sffp_sd - ok
13:09:31.0527 3396 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:09:31.0529 3396 sfloppy - ok
13:09:31.0601 3396 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:09:31.0609 3396 SharedAccess - ok
13:09:31.0627 3396 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:09:31.0632 3396 ShellHWDetection - ok
13:09:31.0653 3396 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:09:31.0655 3396 sisagp - ok
13:09:31.0690 3396 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:09:31.0692 3396 SiSRaid2 - ok
13:09:31.0716 3396 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:09:31.0719 3396 SiSRaid4 - ok
13:09:31.0833 3396 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
13:09:31.0856 3396 slsvc - ok
13:09:31.0936 3396 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:09:31.0939 3396 SLUINotify - ok
13:09:31.0950 3396 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:09:31.0952 3396 Smb - ok
13:09:31.0997 3396 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:09:32.0001 3396 SNMPTRAP - ok
13:09:32.0043 3396 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
13:09:32.0045 3396 spldr - ok
13:09:32.0066 3396 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
13:09:32.0070 3396 Spooler - ok
13:09:32.0117 3396 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys
13:09:32.0124 3396 srv - ok
13:09:32.0152 3396 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:09:32.0155 3396 srv2 - ok
13:09:32.0162 3396 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:09:32.0165 3396 srvnet - ok
13:09:32.0196 3396 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:09:32.0200 3396 SSDPSRV - ok
13:09:32.0265 3396 Steam Client Service - ok
13:09:32.0319 3396 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
13:09:32.0325 3396 stisvc - ok
13:09:32.0336 3396 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:09:32.0338 3396 swenum - ok
13:09:32.0387 3396 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
13:09:32.0396 3396 swprv - ok
13:09:32.0426 3396 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:09:32.0428 3396 Symc8xx - ok
13:09:32.0456 3396 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:09:32.0457 3396 Sym_hi - ok
13:09:32.0477 3396 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:09:32.0479 3396 Sym_u3 - ok
13:09:32.0546 3396 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
13:09:32.0553 3396 SysMain - ok
13:09:32.0567 3396 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:09:32.0572 3396 TabletInputService - ok
13:09:32.0590 3396 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:09:32.0595 3396 TapiSrv - ok
13:09:32.0636 3396 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
13:09:32.0639 3396 TBS - ok
13:09:32.0691 3396 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:09:32.0711 3396 Tcpip - ok
13:09:32.0731 3396 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:09:32.0742 3396 Tcpip6 - ok
13:09:32.0772 3396 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:09:32.0774 3396 tcpipreg - ok
13:09:32.0795 3396 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:09:32.0796 3396 TDPIPE - ok
13:09:32.0824 3396 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:09:32.0826 3396 TDTCP - ok
13:09:32.0836 3396 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:09:32.0839 3396 tdx - ok
13:09:32.0858 3396 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:09:32.0861 3396 TermDD - ok
13:09:32.0894 3396 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
13:09:32.0900 3396 TermService - ok
13:09:32.0917 3396 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
13:09:32.0924 3396 Themes - ok
13:09:32.0945 3396 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
13:09:32.0947 3396 THREADORDER - ok
13:09:32.0973 3396 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
13:09:32.0977 3396 TrkWks - ok
13:09:33.0058 3396 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:09:33.0059 3396 TrustedInstaller - ok
13:09:33.0085 3396 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:09:33.0087 3396 tssecsrv - ok
13:09:33.0118 3396 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:09:33.0119 3396 tunmp - ok
13:09:33.0134 3396 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:09:33.0136 3396 tunnel - ok
13:09:33.0168 3396 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:09:33.0170 3396 uagp35 - ok
13:09:33.0200 3396 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:09:33.0204 3396 udfs - ok
13:09:33.0260 3396 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:09:33.0264 3396 UI0Detect - ok
13:09:33.0280 3396 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:09:33.0282 3396 uliagpkx - ok
13:09:33.0314 3396 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:09:33.0316 3396 uliahci - ok
13:09:33.0336 3396 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:09:33.0340 3396 UlSata - ok
13:09:33.0365 3396 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:09:33.0368 3396 ulsata2 - ok
13:09:33.0399 3396 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:09:33.0401 3396 umbus - ok
13:09:33.0420 3396 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
13:09:33.0425 3396 upnphost - ok
13:09:33.0463 3396 [ B0BA9CAFFE9B0555EC0317F30CB79CD2 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:09:33.0465 3396 usbccgp - ok
13:09:33.0501 3396 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:09:33.0503 3396 usbcir - ok
13:09:33.0565 3396 [ C9FCD05B0A80EA08C2768E5A279B14DE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:09:33.0567 3396 usbehci - ok
13:09:33.0585 3396 [ 5E44F7D957F7560DA06BFE6B84B58A35 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:09:33.0589 3396 usbhub - ok
13:09:33.0626 3396 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:09:33.0628 3396 usbohci - ok
13:09:33.0662 3396 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
13:09:33.0664 3396 usbprint - ok
13:09:33.0714 3396 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:09:33.0715 3396 USBSTOR - ok
13:09:33.0764 3396 [ D864735B0BFCB65440960A0B7CC1A38D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:09:33.0766 3396 usbuhci - ok
13:09:33.0809 3396 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
13:09:33.0812 3396 UxSms - ok
13:09:33.0834 3396 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
13:09:33.0841 3396 vds - ok
13:09:33.0857 3396 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:09:33.0859 3396 vga - ok
13:09:33.0870 3396 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
13:09:33.0871 3396 VgaSave - ok
13:09:33.0923 3396 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:09:33.0925 3396 viaagp - ok
13:09:33.0968 3396 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
13:09:33.0970 3396 ViaC7 - ok
13:09:33.0996 3396 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
13:09:33.0998 3396 viaide - ok
13:09:34.0099 3396 [ 60C4B117ED03861379B2EE54EBFC8581 ] VMCService C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
13:09:34.0101 3396 VMCService - ok
13:09:34.0118 3396 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:09:34.0120 3396 volmgr - ok
13:09:34.0148 3396 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:09:34.0155 3396 volmgrx - ok
13:09:34.0217 3396 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:09:34.0222 3396 volsnap - ok
13:09:34.0268 3396 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:09:34.0271 3396 vsmraid - ok
13:09:34.0339 3396 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
13:09:34.0349 3396 VSS - ok
13:09:34.0409 3396 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
13:09:34.0414 3396 W32Time - ok
13:09:34.0440 3396 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:09:34.0442 3396 WacomPen - ok
13:09:34.0496 3396 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:09:34.0498 3396 Wanarp - ok
13:09:34.0503 3396 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:09:34.0504 3396 Wanarpv6 - ok
13:09:34.0572 3396 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:09:34.0577 3396 wcncsvc - ok
13:09:34.0597 3396 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:09:34.0601 3396 WcsPlugInService - ok
13:09:34.0621 3396 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
13:09:34.0623 3396 Wd - ok
13:09:34.0679 3396 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:09:34.0689 3396 Wdf01000 - ok
13:09:34.0701 3396 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:09:34.0706 3396 WdiServiceHost - ok
13:09:34.0717 3396 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:09:34.0720 3396 WdiSystemHost - ok
13:09:34.0751 3396 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
13:09:34.0756 3396 WebClient - ok
13:09:34.0769 3396 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
13:09:34.0774 3396 Wecsvc - ok
13:09:34.0801 3396 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:09:34.0806 3396 wercplsupport - ok
13:09:34.0827 3396 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
13:09:34.0830 3396 WerSvc - ok
13:09:34.0912 3396 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:09:34.0917 3396 WinDefend - ok
13:09:34.0925 3396 WinHttpAutoProxySvc - ok
13:09:35.0025 3396 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:09:35.0031 3396 Winmgmt - ok
13:09:35.0093 3396 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
13:09:35.0099 3396 WinRM - ok
13:09:35.0161 3396 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:09:35.0167 3396 Wlansvc - ok
13:09:35.0173 3396 wltrysvc - ok
13:09:35.0240 3396 [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
13:09:35.0242 3396 WmiAcpi - ok
13:09:35.0317 3396 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:09:35.0318 3396 wmiApSrv - ok
13:09:35.0403 3396 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:09:35.0436 3396 WMPNetworkSvc - ok
13:09:35.0519 3396 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:09:35.0523 3396 WPCSvc - ok
13:09:35.0569 3396 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:09:35.0573 3396 WPDBusEnum - ok
13:09:35.0608 3396 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:09:35.0609 3396 ws2ifsl - ok
13:09:35.0629 3396 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\system32\wscsvc.dll
13:09:35.0633 3396 wscsvc - ok
13:09:35.0643 3396 WSearch - ok
13:09:35.0761 3396 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
13:09:35.0818 3396 wuauserv - ok
13:09:35.0871 3396 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:09:35.0874 3396 WUDFRd - ok
13:09:35.0919 3396 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:09:35.0923 3396 wudfsvc - ok
13:09:35.0930 3396 yksvc - ok
13:09:35.0974 3396 [ 1A51DF1A5C658D534ED980D18F7982DE ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
13:09:35.0981 3396 yukonwlh - ok
13:09:36.0010 3396 ================ Scan global ===============================
13:09:36.0058 3396 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
13:09:36.0115 3396 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
13:09:36.0135 3396 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
13:09:36.0193 3396 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
13:09:36.0197 3396 [Global] - ok
13:09:36.0197 3396 ================ Scan MBR ==================================
13:09:36.0215 3396 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:09:36.0723 3396 \Device\Harddisk0\DR0 - ok
13:09:36.0726 3396 ================ Scan VBR ==================================
13:09:36.0761 3396 [ D8C1403D8B6F06FB23F715C97BD92F8A ] \Device\Harddisk0\DR0\Partition1
13:09:36.0764 3396 \Device\Harddisk0\DR0\Partition1 - ok
13:09:36.0771 3396 [ 21F41B2C6E59A413E3E7887FCFC02499 ] \Device\Harddisk0\DR0\Partition2
13:09:36.0773 3396 \Device\Harddisk0\DR0\Partition2 - ok
13:09:36.0776 3396 ============================================================
13:09:36.0777 3396 Scan finished
13:09:36.0777 3396 ============================================================
13:09:36.0799 6024 Detected object count: 0
13:09:36.0799 6024 Actual detected object count: 0
13:18:43.0954 5284 Deinitialize success


aswMBR Log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-02 13:18:58
-----------------------------
13:18:58.075 OS Version: Windows 6.0.6000
13:18:58.075 Number of processors: 2 586 0xF0D
13:18:58.075 ComputerName: YOURNAME-PC UserName: Your Name
13:19:01.669 Initialize success
13:26:22.077 AVAST engine defs: 12120101
13:26:52.358 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:26:52.360 Disk 0 Vendor: WDC_WD2500BEVT-75ZCT2 11.01A11 Size: 238475MB BusType: 3
13:26:52.389 Disk 0 MBR read successfully
13:26:52.392 Disk 0 MBR scan
13:26:52.411 Disk 0 Windows VISTA default MBR code
13:26:52.415 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
13:26:52.434 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 81920
13:26:52.451 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 228434 MB offset 20561920
13:26:52.459 Disk 0 scanning sectors +488395120
13:26:52.547 Disk 0 scanning C:\Windows\system32\drivers
13:27:04.853 Service scanning
13:27:31.122 Modules scanning
13:27:38.257 Disk 0 trace - called modules:
13:27:38.279 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys NETIO.SYS ndis.sys netr28u.sys
13:27:38.285 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x857a8588]
13:27:38.291 3 ntkrnlpa.exe[820b07e2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84f49bb0]
13:27:40.176 AVAST engine scan C:\Windows
13:27:46.269 AVAST engine scan C:\Windows\system32
13:31:27.434 AVAST engine scan C:\Windows\system32\drivers
13:31:47.910 AVAST engine scan C:\Users\Your Name
13:39:08.148 AVAST engine scan C:\ProgramData
13:42:44.092 Scan finished successfully
13:43:24.764 Disk 0 MBR has been saved successfully to "C:\Users\Your Name\Desktop\MBR.dat"
13:43:24.770 The log file has been saved successfully to "C:\Users\Your Name\Desktop\aswMBR.txt"


ESET Log:


C:\Program Files\VideoConverter\VideoConverter.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Program Files\Vuze\.install4j\i4j_extf_31_5p83tu.dll a variant of Win32/Bunndle application cleaned by deleting - quarantined
C:\Users\Your Name\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\2ea12255-74e57e29 a variant of Java/Exploit.CVE-2011-3544.BR trojan deleted - quarantined
C:\Users\Your Name\Downloads\cbsidlm-tr1_7-Auto_Clicker_by_Shocker-75742161.exe Win32/DownloadAdmin.D application cleaned by deleting - quarantined
C:\Users\Your Name\Downloads\siinst.exe Win32/OpenCandy application cleaned by deleting - quarantined


Sorry reply took so long, had trouble getting back to this site.

#4 narenxp

Posted 05 December 2012 - 08:38 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete.

A log should be generated after scan, post it here.

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select run as administrator.

After scan gets completed, post the generated log here.

#5 knigtbird

Posted 06 December 2012 - 05:27 PM

Malwarebytes Log:

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.06.03

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.16982
Your Name :: YOURNAME-PC [administrator]

Protection: Enabled

06/12/2012 07:37:14
mbam-log-2012-12-06 (07-37-14).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 314035
Time elapsed: 54 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


mini toolbox Log:

MiniToolBox by Farbar Version: 25-11-2012
Ran by Your Name (administrator) on 06-12-2012 at 21:28:23
Running from "C:\Users\Your Name\Downloads"
Windows Vista ™ Home Premium (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Media disconnected)
802.11n USB Wireless LAN Card = Wireless Network Connection 2 (Media disconnected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
HUAWEI Mobile Connect - 3G Network Card = Local Area Connection 3 (Media disconnected)



Windows IP Configuration

Host Name . . . . . . . . . . . . : YourName-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter 3Connect:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Connect
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 188.31.122.197(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 217.171.132.1
217.171.132.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HUAWEI Mobile Connect - 3G Network Card #2
Physical Address. . . . . . . . . : 00-1E-10-1F-4C-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-23-AE-06-27-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-22-5F-3A-E7-59
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : 802.11n USB Wireless LAN Card
Physical Address. . . . . . . . . : 00-E0-08-27-91-85
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{5CFFF3AA-F869-4AB2-AF46-C4F1728762CF}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{B09AEED4-5831-4CFC-AAA3-6EF1A41EF398}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{FF328D10-17C7-443E-BA81-FFA3F9BED3F7}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{FF328D10-17C7-443E-BA81-FFA3F9BED3F7}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{FF328D10-17C7-443E-BA81-FFA3F9BED3F7}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{FF328D10-17C7-443E-BA81-FFA3F9BED3F7}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::200:5efe:188.31.122.197%49(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 217.171.132.1
217.171.132.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 24:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Temporary IPv6 Address. . . . . . : 2002:bc1f:7ac5::bc1f:7ac5(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 217.171.132.1
217.171.132.1
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 217.171.132.1:53

Name: google.com
Addresses: 173.194.34.168, 173.194.34.169, 173.194.34.174, 173.194.34.160
173.194.34.161, 173.194.34.162, 173.194.34.163, 173.194.34.164, 173.194.34.165
173.194.34.166, 173.194.34.167



Pinging google.com [173.194.41.101] with 32 bytes of data:



Reply from 173.194.41.101: bytes=32 time=97ms TTL=59

Reply from 173.194.41.101: bytes=32 time=106ms TTL=59



Ping statistics for 173.194.41.101:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 97ms, Maximum = 106ms, Average = 101ms

Server: mr0mbcvip.threembb.net
Address: 217.171.132.1:53

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=314ms TTL=49

Reply from 72.30.38.140: bytes=32 time=293ms TTL=49



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 293ms, Maximum = 314ms, Average = 303ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time=9ms TTL=128

Reply from 127.0.0.1: bytes=32 time=2ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 2ms, Maximum = 9ms, Average = 5ms

===========================================================================
Interface List
45 ........................... 3Connect
32 ...00 1e 10 1f 4c 10 ...... HUAWEI Mobile Connect - 3G Network Card #2
10 ...00 23 ae 06 27 10 ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
8 ...00 22 5f 3a e7 59 ...... Dell Wireless 1397 WLAN Mini-Card
11 ...00 e0 08 27 91 85 ...... 802.11n USB Wireless LAN Card
1 ........................... Software Loopback Interface 1
34 ...00 00 00 00 00 00 00 e0 isatap.home
9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
30 ...00 00 00 00 00 00 00 e0 isatap.{5CFFF3AA-F869-4AB2-AF46-C4F1728762CF}
20 ...00 00 00 00 00 00 00 e0 isatap.{B09AEED4-5831-4CFC-AAA3-6EF1A41EF398}
39 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
35 ...00 00 00 00 00 00 00 e0 isatap.{FF328D10-17C7-443E-BA81-FFA3F9BED3F7}
33 ...00 00 00 00 00 00 00 e0 isatap.{FF328D10-17C7-443E-BA81-FFA3F9BED3F7}
37 ...00 00 00 00 00 00 00 e0 isatap.{FF328D10-17C7-443E-BA81-FFA3F9BED3F7}
38 ...00 00 00 00 00 00 00 e0 isatap.{FF328D10-17C7-443E-BA81-FFA3F9BED3F7}
49 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #9
40 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 On-link 188.31.122.197 26
0.0.0.0 255.255.255.255 On-link 188.31.122.197 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
188.31.122.197 255.255.255.255 On-link 188.31.122.197 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 188.31.122.197 26
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 188.31.122.197 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
40 1130 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
40 1030 2002::/16 On-link
40 286 2002:bc1f:7ac5::bc1f:7ac5/128
On-link
49 286 fe80::200:5efe:188.31.122.197/128
On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [227328] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/06/2012 05:19:31 PM) (Source: RasClient) (User: )
Description: CoID={7140CFAF-8803-4ED9-AB37-DCF196D7ACAC}: The user YourName-PC\Your Name dialed a connection named 3Connect which has failed. The error code returned on failure is 692.

Error: (12/06/2012 05:17:39 PM) (Source: RasClient) (User: )
Description: CoID={2BF6A152-E909-47B2-BF93-E91F3C89486B}: The user YourName-PC\Your Name dialed a connection named 3Connect which has failed. The error code returned on failure is 692.

Error: (12/06/2012 05:17:21 PM) (Source: RasClient) (User: )
Description: CoID={5E9785CD-1ABF-440C-8004-F4BDD511CB60}: The user YourName-PC\Your Name dialed a connection named 3Connect which has failed. The error code returned on failure is 692.

Error: (12/06/2012 06:59:35 AM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (12/05/2012 02:01:04 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (12/05/2012 11:30:50 AM) (Source: VMCService) (User: )
Description: GetProcessOwner

Error: (12/05/2012 02:28:03 AM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (12/05/2012 01:34:36 AM) (Source: EventSystem) (User: )
Description: 80070005{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (12/03/2012 08:55:09 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (12/03/2012 05:42:08 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}


System errors:
=============
Error: (12/06/2012 07:00:16 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (12/06/2012 07:00:16 AM) (Source: Service Control Manager) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (12/06/2012 06:59:26 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 06:57:25 on 06/12/2012 was unexpected.

Error: (12/05/2012 02:29:04 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (12/05/2012 02:29:04 AM) (Source: Service Control Manager) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (12/03/2012 08:55:59 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (12/03/2012 08:55:59 PM) (Source: Service Control Manager) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (12/03/2012 02:09:36 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (12/03/2012 02:09:36 PM) (Source: Service Control Manager) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (12/03/2012 04:01:39 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (12/06/2012 05:19:31 PM) (Source: RasClient)(User: )
Description: {7140CFAF-8803-4ED9-AB37-DCF196D7ACAC}YourName-PC\Your Name3Connect692

Error: (12/06/2012 05:17:39 PM) (Source: RasClient)(User: )
Description: {2BF6A152-E909-47B2-BF93-E91F3C89486B}YourName-PC\Your Name3Connect692

Error: (12/06/2012 05:17:21 PM) (Source: RasClient)(User: )
Description: {5E9785CD-1ABF-440C-8004-F4BDD511CB60}YourName-PC\Your Name3Connect692

Error: (12/06/2012 06:59:35 AM) (Source: VMCService)(User: )
Description: conflictManagerTypeValue

Error: (12/05/2012 02:01:04 PM) (Source: VMCService)(User: )
Description: conflictManagerTypeValue

Error: (12/05/2012 11:30:50 AM) (Source: VMCService)(User: )
Description: GetProcessOwner

Error: (12/05/2012 02:28:03 AM) (Source: VMCService)(User: )
Description: conflictManagerTypeValue

Error: (12/05/2012 01:34:36 AM) (Source: EventSystem)(User: )
Description: 80070005{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (12/03/2012 08:55:09 PM) (Source: VMCService)(User: )
Description: conflictManagerTypeValue

Error: (12/03/2012 05:42:08 PM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}


CodeIntegrity Errors:
===================================
Date: 2012-12-06 17:59:51.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-06 17:59:51.764
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-06 17:59:51.640
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-06 17:59:51.586
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-06 17:59:51.534
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-06 17:59:51.472
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-06 08:28:04.588
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-06 08:28:04.556
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-06 08:28:04.494
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-06 08:28:04.463
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

3Connect (Version: 3.0.0)
Active@ KillDisk FREE Suite
Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Aliens vs. Predator
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2634)
AVG 2012 (Version: 2012.0.2221)
BBC iPlayer Desktop (Version: 3.2.7)
CarrierCommand Uninstall
Center V2 System (Version: 1.0)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Command & Conquer™ 4 Tiberian Twilight (Version: 1.0.0.0)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Wireless WLAN Card Utility (Version: 5.10.38.30)
Doctor Who: The Adventure Games
Duke Nukem Forever
Eraser 6.0.8.2273 (Version: 6.0.2273)
ESET Online Scanner v3
Free Mouse Auto Clicker 3.0
Google Apps (Version: 1.2.279.2381)
Google Chrome (Version: 23.0.1271.95)
Google Desktop (Version: 5.9.1005.12335)
Google Earth (Version: 6.1.0.5001)
Google Quick Search Box (Version: 1.2.1151.245)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Google Updater (Version: 2.4.2432.1652)
Huawei modem
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Marvell Miniport Driver (Version: 10.63.3.3)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.0.19.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 13.0.1 (x86 en-GB) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
NVIDIA PhysX (Version: 9.10.0224)
Opera 11.11 (Version: 11.11.2109)
Picasa 3 (Version: 3.6)
QuickSet32 (Version: 9.6.21)
Ralink RT2870 Wireless LAN Card (Version: 1.5.8.0)
Rapport (Version: 3.5.1205.17)
Star Wars Battlefront II (Version: 1.0)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
System Requirements Lab for Intel (Version: 4.5.5.0)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VLC media player 1.0.1 (Version: 1.0.1)
Vodafone Mobile Connect Lite (Version: 9.4.4.17702)
Vuze (Version: 4.7)
WinRAR archiver
Xfire (remove only)
Xvid 1.2.2 final uninstall (Version: 1.2)

========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 3031.75 MB
Available physical RAM: 1102.36 MB
Total Pagefile: 6265.71 MB
Available Pagefile: 3903.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.64 MB

========================= Partitions: =====================================

1 Drive c: (Hard Disk) (Fixed) (Total:223.08 GB) (Free:16.06 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:9.63 GB) NTFS
5 Drive g: (3Connect) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\YOURNAME-PC

Administrator ASPNET Guest
Your Name

========================= Restore Points ==================================

01-12-2012 12:08:40 Windows Update
04-12-2012 03:36:22 Scheduled Checkpoint
04-12-2012 23:21:23 Windows Update
06-12-2012 09:17:32 Scheduled Checkpoint

**** End of log ****


Farbar Service scanner Log:

Farbar Service Scanner Version: 04-12-2012
Ran by Your Name (administrator) on 06-12-2012 at 21:31:50
Running from "C:\Users\Your Name\Downloads"
Windows Vista ™ Home Premium (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
WAN connected
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2010-07-18 20:58] - [2010-07-18 20:58] - 0265912 ____A (Microsoft Corporation) 0D5AD0E71FF5DDAC5DD2F443B499ABD0

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll
[2010-07-18 20:09] - [2010-07-18 20:09] - 0179712 ____A (Microsoft Corporation) ECC9AD72CFC4AB41CF6A9BCC11F9FEF6

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


Adware Cleaner Log:

# AdwCleaner v2.011 - Logfile created 12/06/2012 at 22:30:01
# Updated 02/12/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium (32 bits)
# User : Your Name - YOURNAME-PC
# Boot Mode : Normal
# Running from : C:\Users\Your Name\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
Folder Deleted : C:\Users\Your Name\AppData\Local\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\Software\IB Updater
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16982

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-GB)

Profile name : default
File : C:\Users\Your Name\AppData\Roaming\Mozilla\Firefox\Profiles\0fcrj0sz.default\prefs.js

C:\Users\Your Name\AppData\Roaming\Mozilla\Firefox\Profiles\0fcrj0sz.default\user.js ... Deleted !

Deleted : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb196?a=6R8MozWk9F&i=26");
Deleted : user_pref("browser.search.defaultenginename", "MyStart Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://mystart.incredibar.com/mb196?a=6R8MozWk9F&i=26");
Deleted : user_pref("extensions.BabylonToolbar.cntry", "GB");
Deleted : user_pref("extensions.BabylonToolbar.firstRun", false);
Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "A54C26F2163C525DDEAA2059A1D7D821");
Deleted : user_pref("extensions.BabylonToolbar.lastActv", "19");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100482");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "6edb0b0a000000000000000000000000");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "6edb0b0a000000000000000000000000");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15372");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.179:51:12");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.incredibar.admin", false);
Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar.cntry", "GB");
Deleted : user_pref("extensions.incredibar.dfltLng", "");
Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Deleted : user_pref("extensions.incredibar.did", "10687");
Deleted : user_pref("extensions.incredibar.envrmnt", "production");
Deleted : user_pref("extensions.incredibar.excTlbr", false);
Deleted : user_pref("extensions.incredibar.hdrMd5", "930EE1E979E979FCF2F166A983BA0242");
Deleted : user_pref("extensions.incredibar.hmpg", false);
Deleted : user_pref("extensions.incredibar.id", "6edb0b0a000000000000000000000000");
Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Deleted : user_pref("extensions.incredibar.instlDay", "15670");
Deleted : user_pref("extensions.incredibar.instlRef", "");
Deleted : user_pref("extensions.incredibar.isDcmntCmplt", true);
Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.147:15:32");
Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Deleted : user_pref("extensions.incredibar.newTab", false);
Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Deleted : user_pref("extensions.incredibar.ppd", "");
Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar.productid", "26");
Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar.sg", "none");
Deleted : user_pref("extensions.incredibar.smplGrp", "none");
Deleted : user_pref("extensions.incredibar.tlbrId", "base");
Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8MozWk9F&loc=IB_T[...]
Deleted : user_pref("extensions.incredibar.upn2", "6R8MozWk9F");
Deleted : user_pref("extensions.incredibar.upn2n", "92825466719998727");
Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.147:15:32");
Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Deleted : user_pref("extensions.incredibar_i.did", "10687");
Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Deleted : user_pref("extensions.incredibar_i.id", "6edb0b0a000000000000000000000000");
Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Deleted : user_pref("extensions.incredibar_i.instlDay", "15670");
Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Deleted : user_pref("extensions.incredibar_i.newTab", false);
Deleted : user_pref("extensions.incredibar_i.ppd", "");
Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar_i.productid", "26");
Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8MozWk9F&loc=IB[...]
Deleted : user_pref("extensions.incredibar_i.upn2", "6R8MozWk9F");
Deleted : user_pref("extensions.incredibar_i.upn2n", "92825466719998727");
Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.147:15:32");
Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Deleted : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb196/?loc=IB_DS&a=6R8MozWk9F&&i=26&search="[...]
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Your Name\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.11.2109.0

File : C:\Users\Your Name\AppData\Roaming\Opera\Opera\operaprefs.ini

Deleted : Home URL=hxxp://mystart.incredibar.com/mb196?a=6R8MozWk9F&i=26

*************************

AdwCleaner[S1].txt - [4437 octets] - [26/11/2012 13:34:52]
AdwCleaner[S2].txt - [8946 octets] - [06/12/2012 22:30:01]

########## EOF - C:\AdwCleaner[S2].txt - [9006 octets] ##########


Junkware removal tool Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.9.4 (12.06.2012:5)
OS: Windows Vista ™ Home Premium x86
Ran by Your Name on 06/12/2012 at 22:42:31.31
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/12/2012 at 22:49:35.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by knigtbird, 06 December 2012 - 05:53 PM.


#6 narenxp

Posted 06 December 2012 - 07:31 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE - SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 knigtbird

Posted 06 December 2012 - 09:45 PM

RKILL Log:

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/07/2012 02:15:51 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* msiserver => %systemroot%\system32\msiexec.exe /V [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 12/07/2012 02:16:05 AM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)


Autoruns Log:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgtray.exe"
+ "Broadcom Wireless Manager UI" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\windows\system32\wltray.exe"
+ "Eraser" "Eraser" "The Eraser Project" "c:\program files\eraser\eraser.exe"
+ "Google Desktop Search" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktop.exe"
+ "Google Quick Search Box" "Google Quick Search Box" "Google Inc." "c:\program files\google\quick search box\googlequicksearchbox.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "MobileConnect" "MobileConnect" "Vodafone" "c:\program files\vodafone\vodafone mobile connect\bin\mobileconnect.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Ralink Wireless Utility.lnk" "Ralink Wireless LAN Card Utility" "Ralink Technology, Corp." "c:\program files\ralink\common\raui.exe"
+ "Wireless Utility.lnk" "RaUI MFC Application" "Edimax Technology Co." "c:\program files\edimax\common\raui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgpp.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgse.dll"
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgse.dll"
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "Eraser" "Eraser Shell Extension" "The Eraser Project" "c:\program files\eraser\eraser.shell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgdtiex.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgssie.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.7.7725.1624\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgdtiex.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Adobe online update program" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "\Google Software Updater" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Java Update Scheduler" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Signature Update" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\VisualBeeRecovery" "" "" "File not found: C:\Users\Your"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgwdsvc.exe"
+ "BecHelperService" "Enable Bec updates" "" "c:\program files\3 mobile broadband\3connect\bechelperservice.exe"
+ "GoogleDesktopManager-051210-111108" "Updates Google Desktop with the latest security fixes, enhancements and features. This service only runs occasionally and thus does not affect your computer's performance. If this service is stopped or disabled, Google Desktop may not function correctly." "Google" "c:\program files\google\google desktop search\googledesktop.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "RalinkRegistryWriter" "RalinkRegistryWriter" "Ralink Technology, Corp." "c:\program files\ralink\common\raregistry.exe"
+ "RapportMgmtService" "Central Rapport Management and Monitoring Service" "Trusteer Ltd." "c:\program files\trusteer\rapport\bin\rapportmgmtservice.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files\common files\steam\steamservice.exe"
+ "VMCService" "Detects mobile devices and manages applications that might otherwise conflict with Vodafone Mobile Connect (VMC). If this service is stopped, the VMC software will not work properly, as it will not be able to identify devices or manage conflicting applications." "Vodafone" "c:\program files\vodafone\vodafone mobile connect\bin\vmcservice.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "" "c:\windows\system32\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "yksvc" "Service for Marvell® Yukon® Network Adapters" "Marvell" "c:\windows\system32\ykx32coinst.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdriverx.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfilterx.sys"
+ "AVGIDSHX" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidshx.sys"
+ "AVGIDSShim" "AVG Technologies IDS Application Activity Monitor Shim Loader Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsshimx.sys"
+ "Avgldx86" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx86.sys"
+ "Avgmfx86" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx86.sys"
+ "Avgrkx86" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx86.sys"
+ "Avgtdix" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdix.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl6.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\Users\YOURNA~1\AppData\Local\Temp\catchme.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "ew_hwusbdev" "USB Modem/Serial Device Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ew_hwusbdev.sys"
+ "ew_usbenumfilter" "Filter Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ew_usbenumfilter.sys"
+ "ewusbnet" "USB NDIS Miniport Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbnet.sys"
+ "huawei_enumerator" "ew_jubusenum Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ew_jubusenum.sys"
+ "hwdatacard" "USB Modem/Serial Device Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbmdm.sys"
+ "hwusbdev" "" "" "File not found: system32\DRIVERS\ewusbdev.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "netr28u" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28u.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "RapportCerberus_43926" "" "" "c:\programdata\trusteer\rapport\store\exts\rapportcerberus\43926\rapportcerberus32_43926.sys"
+ "RapportEI" "RapportEI" "Trusteer Ltd." "c:\program files\trusteer\rapport\bin\rapportei.sys"
+ "RapportIaso" "RapportIaso" "Trusteer Ltd." "c:\programdata\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys"
+ "RapportKELL" "RapportKE" "Trusteer Ltd." "c:\windows\system32\drivers\rapportkell.sys"
+ "RapportPG" "RapportPG" "Trusteer Ltd." "c:\program files\trusteer\rapport\bin\rapportpg.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "yukonwlh" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk60x86.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Axis HTTP Multipart Source Filter" "AxisHTTPMPSrcFilter" "Axis Communications AB" "c:\windows\ipcamx\axis\axishttpmpsrcfilter.ax"
+ "AxisRTPSrcFilter" "AXIS RTP Source Filter" "Axis Communications" "c:\windows\ipcamx\axis\axisrtpsrcfilter.ax"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bosch Overlay Filter" "Video SDK generic filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directoverlay.ax"
+ "CameoMetaData Class" "Video SDK Cameo Control" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\cameo.dll"
+ "CameoOverlay Class" "Video SDK Cameo Control" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\cameo.dll"
+ "Camera Demultiplexor Filter" "Video SDK Divar filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directdivar.ax"
+ "Camera Filter" "Video SDK Divar filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directdivar.ax"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Divar Decoder Filter" "Video SDK Divar filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directdivar.ax"
+ "Divar Source Filter" "Video SDK Divar filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directdivar.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "GCA Infinte Tee Filter" "Video SDK generic filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directgca.ax"
+ "GCA Media Pipe Filter" "Video SDK generic filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directgca.ax"
+ "GCA Media Reader Filter" "Video SDK generic filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directgca.ax"
+ "GCA Media Writer Filter" "Video SDK generic filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directgca.ax"
+ "Infinite Pin Tee" "Video SDK Divar filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directdivar.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "VCS Trick Mode Filter" "Video SDK generic filters" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\trickmode.ax"
+ "Verint Video Solutions Audio Decoder Filter" "Verint Video Solutions Audio Decoder Filter" "Verint Video Solutions" "c:\windows\ipcamx\verint\vvsaudiodecoderfilter.ax"
+ "Verint Video Solutions Decoder Filter" "Verint Video Solutions Decoder Filter" "Verint Video Solutions" "c:\windows\ipcamx\verint\vvsdecoderfilter.ax"
+ "Verint Video Solutions Source" "Verint Video Solutions Source Filter" "Verint Video Solutions" "c:\windows\ipcamx\verint\vvssourcefilter.ax"
+ "Video over IP Network Sink" "Video SDK filters for VCS devices" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directvip.ax"
+ "Video over IP Network Source" "Video SDK filters for VCS devices" "Bosch Security Systems B.V." "c:\windows\ipcamx\bosch\videosdk\directvip.ax"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgrsx.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "Dell Wireless WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"
"C:\Users\Your Name\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-us\Gadget.xml"
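
A triage pass over an Autoruns text export in the layout pasted above, added here as an illustration; it is not part of the original post or of Autoruns itself. It flags entries whose target file is missing, that carry no publisher, or that load from a user-writable path. The sample lines, the `Example*` names and the three heuristics are assumptions, and a flag marks an entry for manual review, not as malicious.

```python
import re

# Constructed sample in the layout of the export above: a location line with
# one filled column, then entry lines with a leading marker ("+" in the log)
# and four quoted columns: entry name, description, publisher, image path.
# The AVG_TRAY line is copied from the log; the Example* lines are made up.
SAMPLE = r'''"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgtray.exe"
+ "ExampleUpdater" "" "" "c:\users\example\appdata\local\temp\exupd.exe"
"Task Scheduler" "" "" ""
+ "\ExampleRecovery" "" "" "File not found: C:\Users\Example"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ExampleSvc" "Example service" "Example Corp." "c:\windows\system32\examplesvc.exe"
'''

FIELD = re.compile(r'"([^"]*)"')

# Assumed heuristic: directories a standard user can normally write to.
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\temp\\")


def parse_autoruns(text):
    """Return one dict per autostart entry, tagged with its location."""
    entries = []
    location = None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # blank or malformed line: skip rather than guess
        marker = line[: line.index('"')].strip()
        if not marker:
            # No marker before the first quote: this is a location header.
            location = fields[0]
            continue
        name, description, publisher, image = fields
        entries.append({
            "location": location,
            "marker": marker,
            "name": name,
            "description": description,
            "publisher": publisher,
            "image": image,
        })
    return entries


def triage(entries):
    """Return (location, name, reasons) for entries worth a manual look."""
    findings = []
    for e in entries:
        reasons = []
        image = e["image"].lower()
        missing = image.startswith("file not found")
        if missing:
            # Registration survives but the target is gone: usually a
            # leftover from an uninstall or from an earlier cleanup run.
            reasons.append("missing-target")
        if not e["publisher"].strip():
            reasons.append("no-publisher")
        if not missing and any(p in image for p in USER_WRITABLE):
            reasons.append("user-writable-path")
        if reasons:
            findings.append((e["location"], e["name"], reasons))
    return findings


if __name__ == "__main__":
    for location, name, reasons in triage(parse_autoruns(SAMPLE)):
        print(f"{location} :: {name} -> {', '.join(reasons)}")
```

To use it on a real export, read the saved Autoruns.txt into a string and pass it to `parse_autoruns` in place of `SAMPLE`.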

#8 narenxp

Posted 07 December 2012 - 01:35 AM

Any current issues?

#9 knigtbird

Posted 07 December 2012 - 04:37 AM

When trying to 'Change startup programs' I still get this pop-up message from Windows Defender: 'Application failed to initialise: 0x800106ba. A problem caused this device to stop.'

Apart from that, 'Incredibar' seems to have been finally flushed out of the system. Thank you very much indeed for your help. I'm truly grateful :)

Edited by knigtbird, 07 December 2012 - 04:55 AM.


#10 narenxp

Posted 09 December 2012 - 12:30 PM

You can uncheck Windows Defender from startup. You have AVG, which is disabling Windows Defender.

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off System Restore. This deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



