
Strong Vault is taking over my computer


9 replies to this topic

#1 jaguiar45


Posted 01 February 2013 - 05:09 PM

I tried to find a picture resizer and downloaded an image resizer, and (I have WinPatrol) WinPatrol kept coming up saying all kinds of things are wanting to run at startup. So I went into safe mode and MBAM found 8 things, PUP.software... (couldn't read all of it), and I restarted, and the home page is now Bing and Strong Vault is still there and I don't know what to do. Could someone please help? Thanks, John



#2 narenxp


Posted 01 February 2013 - 05:33 PM

Download TDSSkiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 jaguiar45


Posted 01 February 2013 - 06:35 PM

Thanks for responding so fast!
Here is the TDSS Log:

14:58:02.0834 5872 NlaSvc - ok
14:58:02.0851 5872 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:58:02.0856 5872 Npfs - ok
14:58:02.0875 5872 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
14:58:02.0888 5872 nsi - ok
14:58:02.0906 5872 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:58:02.0910 5872 nsiproxy - ok
14:58:02.0984 5872 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:58:03.0020 5872 Ntfs - ok
14:58:03.0043 5872 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
14:58:03.0047 5872 Null - ok
14:58:03.0436 5872 [ AFB33A823AABC112FC7BD62AFBCDB0CD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:58:03.0547 5872 nvlddmkm - ok
14:58:03.0584 5872 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:58:03.0590 5872 nvraid - ok
14:58:03.0619 5872 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:58:03.0625 5872 nvstor - ok
14:58:03.0688 5872 [ 782945716AD010AC3D41758E8E52C735 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:58:03.0718 5872 nvsvc - ok
14:58:03.0812 5872 [ A974E5C310B9B00894070CEB055D467F ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:58:03.0826 5872 nvUpdatusService - ok
14:58:03.0850 5872 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:58:03.0855 5872 nv_agp - ok
14:58:03.0884 5872 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:58:03.0889 5872 ohci1394 - ok
14:58:03.0930 5872 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:58:03.0943 5872 p2pimsvc - ok
14:58:03.0983 5872 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
14:58:03.0998 5872 p2psvc - ok
14:58:04.0012 5872 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:58:04.0018 5872 Parport - ok
14:58:04.0046 5872 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:58:04.0052 5872 partmgr - ok
14:58:04.0072 5872 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
14:58:04.0080 5872 Parvdm - ok
14:58:04.0124 5872 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:58:04.0137 5872 PcaSvc - ok
14:58:04.0161 5872 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
14:58:04.0168 5872 pci - ok
14:58:04.0184 5872 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
14:58:04.0188 5872 pciide - ok
14:58:04.0228 5872 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:58:04.0235 5872 pcmcia - ok
14:58:04.0256 5872 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
14:58:04.0260 5872 pcw - ok
14:58:04.0305 5872 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:58:04.0318 5872 PEAUTH - ok
14:58:04.0385 5872 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:58:04.0422 5872 PeerDistSvc - ok
14:58:04.0508 5872 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
14:58:04.0538 5872 pla - ok
14:58:04.0591 5872 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:58:04.0610 5872 PlugPlay - ok
14:58:04.0637 5872 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:58:04.0645 5872 Pml Driver HPZ12 - ok
14:58:04.0661 5872 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:58:04.0674 5872 PNRPAutoReg - ok
14:58:04.0697 5872 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:58:04.0709 5872 PNRPsvc - ok
14:58:04.0756 5872 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:58:04.0769 5872 PolicyAgent - ok
14:58:04.0823 5872 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
14:58:04.0838 5872 Power - ok
14:58:04.0871 5872 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:58:04.0875 5872 PptpMiniport - ok
14:58:04.0903 5872 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
14:58:04.0909 5872 Processor - ok
14:58:04.0943 5872 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
14:58:04.0957 5872 ProfSvc - ok
14:58:04.0972 5872 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:58:04.0983 5872 ProtectedStorage - ok
14:58:05.0004 5872 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:58:05.0009 5872 Psched - ok
14:58:05.0072 5872 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:58:05.0117 5872 ql2300 - ok
14:58:05.0142 5872 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:58:05.0148 5872 ql40xx - ok
14:58:05.0184 5872 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
14:58:05.0199 5872 QWAVE - ok
14:58:05.0218 5872 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:58:05.0223 5872 QWAVEdrv - ok
14:58:05.0242 5872 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:58:05.0246 5872 RasAcd - ok
14:58:05.0276 5872 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:58:05.0279 5872 RasAgileVpn - ok
14:58:05.0294 5872 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
14:58:05.0307 5872 RasAuto - ok
14:58:05.0353 5872 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:58:05.0358 5872 Rasl2tp - ok
14:58:05.0385 5872 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
14:58:05.0403 5872 RasMan - ok
14:58:05.0422 5872 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:58:05.0427 5872 RasPppoe - ok
14:58:05.0440 5872 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:58:05.0445 5872 RasSstp - ok
14:58:05.0467 5872 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:58:05.0475 5872 rdbss - ok
14:58:05.0489 5872 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:58:05.0493 5872 rdpbus - ok
14:58:05.0513 5872 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:58:05.0521 5872 RDPCDD - ok
14:58:05.0550 5872 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:58:05.0556 5872 RDPDR - ok
14:58:05.0576 5872 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:58:05.0580 5872 RDPENCDD - ok
14:58:05.0597 5872 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:58:05.0601 5872 RDPREFMP - ok
14:58:05.0639 5872 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:58:05.0646 5872 RDPWD - ok
14:58:05.0670 5872 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:58:05.0677 5872 rdyboost - ok
14:58:05.0722 5872 [ 1B89CF5B5C12F5DA383DFFFD4F3D6667 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
14:58:05.0724 5872 RealNetworks Downloader Resolver Service - ok
14:58:05.0756 5872 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
14:58:05.0766 5872 RemoteAccess - ok
14:58:05.0798 5872 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:58:05.0813 5872 RemoteRegistry - ok
14:58:05.0836 5872 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:58:05.0851 5872 RpcEptMapper - ok
14:58:05.0894 5872 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
14:58:05.0903 5872 RpcLocator - ok
14:58:05.0925 5872 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
14:58:05.0939 5872 RpcSs - ok
14:58:05.0958 5872 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:58:05.0963 5872 rspndr - ok
14:58:05.0994 5872 [ 166911EADA13CD34DD8F8C667707BE94 ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
14:58:05.0999 5872 RTL8023xp - ok
14:58:06.0024 5872 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:58:06.0027 5872 s3cap - ok
14:58:06.0049 5872 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
14:58:06.0057 5872 SamSs - ok
14:58:06.0115 5872 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:58:06.0118 5872 SASDIFSV - ok
14:58:06.0129 5872 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:58:06.0135 5872 SASKUTIL - ok
14:58:06.0156 5872 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:58:06.0161 5872 sbp2port - ok
14:58:06.0182 5872 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:58:06.0198 5872 SCardSvr - ok
14:58:06.0218 5872 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:58:06.0223 5872 scfilter - ok
14:58:06.0280 5872 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
14:58:06.0305 5872 Schedule - ok
14:58:06.0379 5872 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:58:06.0385 5872 SCPolicySvc - ok
14:58:06.0406 5872 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:58:06.0423 5872 SDRSVC - ok
14:58:06.0455 5872 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:58:06.0458 5872 secdrv - ok
14:58:06.0477 5872 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
14:58:06.0490 5872 seclogon - ok
14:58:06.0507 5872 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
14:58:06.0525 5872 SENS - ok
14:58:06.0540 5872 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:58:06.0552 5872 SensrSvc - ok
14:58:06.0568 5872 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:58:06.0572 5872 Serenum - ok
14:58:06.0600 5872 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
14:58:06.0605 5872 Serial - ok
14:58:06.0630 5872 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:58:06.0635 5872 sermouse - ok
14:58:06.0680 5872 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
14:58:06.0694 5872 SessionEnv - ok
14:58:06.0726 5872 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:58:06.0730 5872 sffdisk - ok
14:58:06.0750 5872 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:58:06.0753 5872 sffp_mmc - ok
14:58:06.0767 5872 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:58:06.0771 5872 sffp_sd - ok
14:58:06.0790 5872 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:58:06.0793 5872 sfloppy - ok
14:58:06.0846 5872 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:58:06.0863 5872 SharedAccess - ok
14:58:06.0887 5872 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:58:06.0906 5872 ShellHWDetection - ok
14:58:06.0931 5872 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:58:06.0936 5872 sisagp - ok
14:58:06.0958 5872 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:58:06.0961 5872 SiSRaid2 - ok
14:58:06.0982 5872 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:58:06.0988 5872 SiSRaid4 - ok
14:58:07.0016 5872 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:58:07.0021 5872 Smb - ok
14:58:07.0057 5872 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:58:07.0070 5872 SNMPTRAP - ok
14:58:07.0090 5872 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
14:58:07.0094 5872 spldr - ok
14:58:07.0133 5872 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
14:58:07.0159 5872 Spooler - ok
14:58:07.0541 5872 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
14:58:07.0654 5872 sppsvc - ok
14:58:07.0692 5872 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:58:07.0706 5872 sppuinotify - ok
14:58:07.0744 5872 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:58:07.0753 5872 srv - ok
14:58:07.0785 5872 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:58:07.0794 5872 srv2 - ok
14:58:07.0811 5872 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:58:07.0819 5872 srvnet - ok
14:58:07.0841 5872 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:58:07.0859 5872 SSDPSRV - ok
14:58:07.0885 5872 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:58:07.0903 5872 SstpSvc - ok
14:58:07.0957 5872 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:58:07.0960 5872 stexstor - ok
14:58:08.0016 5872 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
14:58:08.0035 5872 StiSvc - ok
14:58:08.0060 5872 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:58:08.0069 5872 storflt - ok
14:58:08.0091 5872 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
14:58:08.0108 5872 StorSvc - ok
14:58:08.0125 5872 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:58:08.0128 5872 storvsc - ok
14:58:08.0162 5872 [ 2AA2D356CB735CD3CCA9F671BD75C9B5 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
14:58:08.0166 5872 SWDUMon - ok
14:58:08.0192 5872 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:58:08.0199 5872 swenum - ok
14:58:08.0234 5872 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
14:58:08.0252 5872 swprv - ok
14:58:08.0334 5872 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
14:58:08.0359 5872 SysMain - ok
14:58:08.0385 5872 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:58:08.0400 5872 TabletInputService - ok
14:58:08.0458 5872 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
14:58:08.0484 5872 TapiSrv - ok
14:58:08.0500 5872 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
14:58:08.0519 5872 TBS - ok
14:58:08.0586 5872 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:58:08.0631 5872 Tcpip - ok
14:58:08.0677 5872 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:58:08.0691 5872 TCPIP6 - ok
14:58:08.0723 5872 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:58:08.0727 5872 tcpipreg - ok
14:58:08.0767 5872 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:58:08.0771 5872 TDPIPE - ok
14:58:08.0802 5872 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:58:08.0806 5872 TDTCP - ok
14:58:08.0835 5872 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:58:08.0840 5872 tdx - ok
14:58:08.0875 5872 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:58:08.0880 5872 TermDD - ok
14:58:08.0918 5872 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
14:58:08.0941 5872 TermService - ok
14:58:08.0975 5872 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
14:58:08.0990 5872 Themes - ok
14:58:09.0015 5872 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
14:58:09.0025 5872 THREADORDER - ok
14:58:09.0049 5872 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
14:58:09.0067 5872 TrkWks - ok
14:58:09.0126 5872 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:58:09.0132 5872 TrustedInstaller - ok
14:58:09.0179 5872 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:58:09.0183 5872 tssecsrv - ok
14:58:09.0200 5872 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:58:09.0205 5872 TsUsbFlt - ok
14:58:09.0225 5872 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:58:09.0233 5872 TsUsbGD - ok
14:58:09.0253 5872 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:58:09.0260 5872 tunnel - ok
14:58:09.0283 5872 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:58:09.0287 5872 uagp35 - ok
14:58:09.0311 5872 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:58:09.0323 5872 udfs - ok
14:58:09.0361 5872 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:58:09.0412 5872 UI0Detect - ok
14:58:09.0440 5872 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:58:09.0445 5872 uliagpkx - ok
14:58:09.0467 5872 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:58:09.0472 5872 umbus - ok
14:58:09.0493 5872 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
14:58:09.0500 5872 UmPass - ok
14:58:09.0533 5872 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
14:58:09.0549 5872 UmRdpService - ok
14:58:09.0590 5872 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
14:58:09.0592 5872 UnlockerDriver5 - ok
14:58:09.0620 5872 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
14:58:09.0636 5872 upnphost - ok
14:58:09.0662 5872 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:58:09.0668 5872 usbccgp - ok
14:58:09.0688 5872 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:58:09.0694 5872 usbcir - ok
14:58:09.0727 5872 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:58:09.0734 5872 usbehci - ok
14:58:09.0772 5872 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:58:09.0780 5872 usbhub - ok
14:58:09.0802 5872 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:58:09.0806 5872 usbohci - ok
14:58:09.0826 5872 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:58:09.0833 5872 usbprint - ok
14:58:09.0850 5872 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:58:09.0854 5872 usbscan - ok
14:58:09.0881 5872 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:58:09.0885 5872 USBSTOR - ok
14:58:09.0905 5872 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:58:09.0908 5872 usbuhci - ok
14:58:09.0933 5872 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
14:58:09.0949 5872 UxSms - ok
14:58:09.0962 5872 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
14:58:09.0970 5872 VaultSvc - ok
14:58:09.0987 5872 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:58:09.0992 5872 vdrvroot - ok
14:58:10.0042 5872 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
14:58:10.0065 5872 vds - ok
14:58:10.0083 5872 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:58:10.0087 5872 vga - ok
14:58:10.0115 5872 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:58:10.0118 5872 VgaSave - ok
14:58:10.0143 5872 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:58:10.0152 5872 vhdmp - ok
14:58:10.0176 5872 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:58:10.0183 5872 viaagp - ok
14:58:10.0200 5872 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
14:58:10.0203 5872 ViaC7 - ok
14:58:10.0232 5872 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
14:58:10.0236 5872 viaide - ok
14:58:10.0266 5872 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:58:10.0270 5872 vmbus - ok
14:58:10.0294 5872 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:58:10.0297 5872 VMBusHID - ok
14:58:10.0336 5872 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:58:10.0376 5872 volmgr - ok
14:58:10.0402 5872 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:58:10.0412 5872 volmgrx - ok
14:58:10.0448 5872 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:58:10.0453 5872 volsnap - ok
14:58:10.0483 5872 [ B26536ADD1D748CDA104D856C979AE79 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
14:58:10.0488 5872 vpcbus - ok
14:58:10.0525 5872 [ A0F7E923A6261760130F22B85DF9040E ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
14:58:10.0529 5872 vpcnfltr - ok
14:58:10.0556 5872 [ 5F4B55E91CE7E2523C9E1E0ECE858869 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
14:58:10.0560 5872 vpcusb - ok
14:58:10.0592 5872 [ B487191FE18D6863381A1AC55482469A ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
14:58:10.0601 5872 vpcvmm - ok
14:58:10.0633 5872 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:58:10.0637 5872 vsmraid - ok
14:58:10.0703 5872 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
14:58:10.0746 5872 VSS - ok
14:58:10.0764 5872 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:58:10.0768 5872 vwifibus - ok
14:58:10.0800 5872 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
14:58:10.0820 5872 W32Time - ok
14:58:10.0850 5872 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:58:10.0854 5872 WacomPen - ok
14:58:10.0878 5872 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:58:10.0882 5872 WANARP - ok
14:58:10.0891 5872 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:58:10.0897 5872 Wanarpv6 - ok
14:58:10.0985 5872 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:58:10.0999 5872 WatAdminSvc - ok
14:58:11.0059 5872 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
14:58:11.0102 5872 wbengine - ok
14:58:11.0134 5872 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:58:11.0155 5872 WbioSrvc - ok
14:58:11.0178 5872 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:58:11.0194 5872 wcncsvc - ok
14:58:11.0208 5872 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:58:11.0226 5872 WcsPlugInService - ok
14:58:11.0245 5872 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
14:58:11.0249 5872 Wd - ok
14:58:11.0299 5872 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:58:11.0313 5872 Wdf01000 - ok
14:58:11.0348 5872 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:58:11.0367 5872 WdiServiceHost - ok
14:58:11.0375 5872 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:58:11.0396 5872 WdiSystemHost - ok
14:58:11.0423 5872 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
14:58:11.0445 5872 WebClient - ok
14:58:11.0465 5872 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:58:11.0483 5872 Wecsvc - ok
14:58:11.0501 5872 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:58:11.0515 5872 wercplsupport - ok
14:58:11.0547 5872 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
14:58:11.0564 5872 WerSvc - ok
14:58:11.0583 5872 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:58:11.0587 5872 WfpLwf - ok
14:58:11.0614 5872 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:58:11.0618 5872 WIMMount - ok
14:58:11.0685 5872 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:58:11.0693 5872 WinDefend - ok
14:58:11.0708 5872 WinHttpAutoProxySvc - ok
14:58:11.0784 5872 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:58:11.0794 5872 Winmgmt - ok
14:58:11.0879 5872 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
14:58:11.0920 5872 WinRM - ok
14:58:11.0977 5872 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:58:11.0980 5872 WinUsb - ok
14:58:12.0038 5872 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:58:12.0072 5872 Wlansvc - ok
14:58:12.0126 5872 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:58:12.0130 5872 WmiAcpi - ok
14:58:12.0179 5872 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:58:12.0185 5872 wmiApSrv - ok
14:58:12.0271 5872 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:58:12.0316 5872 WMPNetworkSvc - ok
14:58:12.0343 5872 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:58:12.0383 5872 WPCSvc - ok
14:58:12.0418 5872 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:58:12.0438 5872 WPDBusEnum - ok
14:58:12.0463 5872 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:58:12.0467 5872 ws2ifsl - ok
14:58:12.0491 5872 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
14:58:12.0518 5872 wscsvc - ok
14:58:12.0581 5872 WSearch - ok
14:58:12.0720 5872 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:58:12.0782 5872 wuauserv - ok
14:58:12.0810 5872 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:58:12.0816 5872 WudfPf - ok
14:58:12.0841 5872 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:58:12.0848 5872 WUDFRd - ok
14:58:12.0880 5872 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:58:12.0904 5872 wudfsvc - ok
14:58:12.0944 5872 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:58:12.0961 5872 WwanSvc - ok
14:58:12.0974 5872 ================ Scan global ===============================
14:58:13.0031 5872 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
14:58:13.0083 5872 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
14:58:13.0115 5872 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
14:58:13.0190 5872 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:58:13.0276 5872 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:58:13.0291 5872 [Global] - ok
14:58:13.0291 5872 ================ Scan MBR ==================================
14:58:13.0302 5872 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:58:14.0987 5872 \Device\Harddisk0\DR0 - ok
14:58:14.0987 5872 ================ Scan VBR ==================================
14:58:15.0013 5872 [ 1BA7011D90C621731E6470DCB695BBA4 ] \Device\Harddisk0\DR0\Partition1
14:58:15.0053 5872 \Device\Harddisk0\DR0\Partition1 - ok
14:58:15.0054 5872 ============================================================
14:58:15.0054 5872 Scan finished
14:58:15.0054 5872 ============================================================
14:58:15.0080 4960 Detected object count: 0
14:58:15.0080 4960 Actual detected object count: 0
15:00:27.0005 2188 Deinitialize success


Here is aswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-01 15:05:30
-----------------------------
15:05:30.404 OS Version: Windows 6.1.7601 Service Pack 1
15:05:30.404 Number of processors: 2 586 0x403
15:05:30.409 ComputerName: JOHN-PC UserName: John
15:05:53.677 Initialize success
15:05:54.805 AVAST engine defs: 13020101
15:06:17.895 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
15:06:17.902 Disk 0 Vendor: WDC_WD2000JD-22HBB0 08.02D08 Size: 190782MB BusType: 3
15:06:17.936 Disk 0 MBR read successfully
15:06:17.944 Disk 0 MBR scan
15:06:17.954 Disk 0 Windows 7 default MBR code
15:06:17.963 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 190771 MB offset 63
15:06:17.991 Disk 0 scanning sectors +390700800
15:06:18.053 Disk 0 scanning C:\Windows\system32\drivers
15:06:30.787 Service scanning
15:07:01.846 Modules scanning
15:07:14.192 Disk 0 trace - called modules:
15:07:14.224 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys
15:07:14.237 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84c8f810]
15:07:14.249 3 CLASSPNP.SYS[899b359e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x84ba9908]
15:07:15.924 AVAST engine scan C:\Windows
15:07:19.235 AVAST engine scan C:\Windows\system32
15:10:32.256 AVAST engine scan C:\Windows\system32\drivers
15:10:53.147 AVAST engine scan C:\Users\John
15:14:22.577 AVAST engine scan C:\ProgramData
15:15:18.066 Scan finished successfully
15:16:17.201 Disk 0 MBR has been saved successfully to "C:\Users\John\Desktop\MBR.dat"
15:16:17.218 The log file has been saved successfully to "C:\Users\John\Desktop\aswMBR.txt"



ESET Online Scanner:

C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\John\AppData\Local\Temp\nsw13EA.tmp\pp.exe Win32/Adware.Linkular.AD application cleaned by deleting - quarantined

#4 narenxp

Posted 01 February 2013 - 06:37 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.



Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on File - Save

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#5 jaguiar45

Posted 01 February 2013 - 08:40 PM

MBAM:



Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.01.11

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
John :: JOHN-PC [administrator]

2/1/2013 4:05:47 PM
mbam-log-2013-02-01 (16-05-47).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 295640
Time elapsed: 40 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MINI TOOLBOX:



MiniToolBox by Farbar Version:10-01-2013
Ran by John (administrator) on 01-02-2013 at 17:08:27
Running from "C:\Users\John\Downloads"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


There are 15298 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : John-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-11-D8-C8-A1-5F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2602:304:b36e:e649:607d:7348:7b58:3eb0(Preferred)
Temporary IPv6 Address. . . . . . : 2602:304:b36e:e649:906e:a6eb:8a16:32b7(Preferred)
Link-local IPv6 Address . . . . . : fe80::607d:7348:7b58:3eb0%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, February 01, 2013 5:00:12 PM
Lease Expires . . . . . . . . . . : Saturday, February 02, 2013 5:00:07 PM
Default Gateway . . . . . . . . . : fe80::4e60:deff:fec2:b1d9%11
192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 234885592
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-86-3C-71-00-11-D8-C8-A1-5F
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{D5A25110-A0AE-4485-9AF8-87632322360F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2811:9d6:b4c9:119b(Preferred)
Link-local IPv6 Address . . . . . : fe80::2811:9d6:b4c9:119b%13(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.224.165
74.125.224.166
74.125.224.167
74.125.224.168
74.125.224.169
74.125.224.174
74.125.224.160
74.125.224.161
74.125.224.162
74.125.224.163
74.125.224.164


Pinging google.com [74.125.224.164] with 32 bytes of data:
Reply from 74.125.224.164: bytes=32 time=41ms TTL=54
Reply from 74.125.224.164: bytes=32 time=40ms TTL=54

Ping statistics for 74.125.224.164:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 40ms, Maximum = 41ms, Average = 40ms
Server: dslrouter
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=64ms TTL=50
Reply from 206.190.36.45: bytes=32 time=145ms TTL=50

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 145ms, Average = 104ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 11 d8 c8 a1 5f ......Realtek RTL8139/810x Family Fast Ethernet NIC
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.101 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 276
192.168.1.101 255.255.255.255 On-link 192.168.1.101 276
192.168.1.255 255.255.255.255 On-link 192.168.1.101 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 276 ::/0 fe80::4e60:deff:fec2:b1d9
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:6ab8:2811:9d6:b4c9:119b/128
On-link
11 28 2602:304:b36e:e649::/64 On-link
11 276 2602:304:b36e:e649:607d:7348:7b58:3eb0/128
On-link
11 276 2602:304:b36e:e649:906e:a6eb:8a16:32b7/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::2811:9d6:b4c9:119b/128
On-link
11 276 fe80::607d:7348:7b58:3eb0/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/01/2013 05:11:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/01/2013 05:00:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/01/2013 04:52:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/01/2013 04:41:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/01/2013 04:30:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/01/2013 04:25:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/01/2013 04:24:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/01/2013 04:04:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/01/2013 01:59:57 PM) (Source: MsiInstaller) (User: John-PC)
Description: Product: Strongvault Online Backup -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: AI_UPDATER_UNINSTALL, location: C:\Program Files\Strongvault Online Backup\updater.exe, command: /clean silent

Error: (02/01/2013 01:56:00 PM) (Source: MsiInstaller) (User: John-PC)
Description: Product: Strongvault Online Backup -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: AI_UPDATER_UNINSTALL, location: C:\Program Files\Strongvault Online Backup\updater.exe, command: /clean silent


System errors:
=============
Error: (02/01/2013 04:59:53 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (02/01/2013 04:59:53 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (02/01/2013 01:51:49 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (02/01/2013 01:51:49 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (02/01/2013 01:47:10 PM) (Source: DCOM) (User: )
Description: 1068stisvc{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (02/01/2013 01:32:14 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (02/01/2013 01:20:03 PM) (Source: DCOM) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}

Error: (02/01/2013 00:57:53 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (02/01/2013 00:57:53 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (02/01/2013 00:57:53 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (02/01/2013 05:11:37 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (02/01/2013 05:00:58 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (02/01/2013 04:52:42 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (02/01/2013 04:41:26 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (02/01/2013 04:30:08 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (02/01/2013 04:25:47 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (02/01/2013 04:24:06 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (02/01/2013 04:04:16 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{A88E1685-1986-4A86-8E88-5FE1E727D026}\recordingmanager.exe

Error: (02/01/2013 01:59:57 PM) (Source: MsiInstaller)(User: John-PC)
Description: Product: Strongvault Online Backup -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: AI_UPDATER_UNINSTALL, location: C:\Program Files\Strongvault Online Backup\updater.exe, command: /clean silent (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/01/2013 01:56:00 PM) (Source: MsiInstaller)(User: John-PC)
Description: Product: Strongvault Online Backup -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: AI_UPDATER_UNINSTALL, location: C:\Program Files\Strongvault Online Backup\updater.exe, command: /clean silent (NULL)(NULL)(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

1600 (Version: 130.0.365.000)
1600_Help (Version: 82.0.242.000)
1600Trb (Version: 82.0.242.000)
32 Bit HP CIO Components Installer (Version: 7.1.8)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.105)
Adobe Flash Player 11 Plugin (Version: 11.6.602.105)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
AGEIA PhysX v7.07.09 (Version: 7.07.09)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Audacity 2.0
Auslogics Disk Defrag (Version: 3.6)
Auslogics Task Manager (Version: version 2.2)
avast! Free Antivirus (Version: 7.0.1474.0)
Belarc Advisor 8.2 (Version: 8.2.7.15)
BufferChm (Version: 130.0.331.000)
CCleaner (Version: 3.27)
Cookienator (Version: 2.6.41)
Copy (Version: 130.0.428.000)
CrystalDiskInfo 5.0.0 (Version: 5.0.0)
Data Lifeguard Diagnostic for Windows 1.24
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DIRECTV Player (Version: 6.1)
DocProc (Version: 13.0.0.0)
EMET (Version: 3.0.0)
ESET Online Scanner v3
Event Log Explorer 4.1 beta (Version: 4.0)
EVEREST Home Edition v2.20 (Version: 2.20)
Fax (Version: 130.0.418.000)
FileHippo.com Update Checker
Freemake Video Converter version 3.0.2 (Version: 3.0.2)
Glary Utilities 2.52.0.1698 (Version: 2.52.0.1698)
Google Chrome (Version: 24.0.1312.56)
Google Earth (Version: 7.0.2.8415)
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HiJackThis (Version: 1.0.0)
Hoyle Board Games 3
Hoyle Card Games 3
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
LightScribe System Software (Version: 1.18.17.1)
Madden NFL 2005
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Maintenance Service (Version: 19.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Network (Version: 130.0.572.000)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PVSonyDll (Version: 1.00.0001)
RealDownloader (Version: 1.2.0)
Realtek Ethernet Controller All-In-One Windows Driver (Version: 1.12.0016)
Revo Uninstaller 1.94 (Version: 1.94)
Scan (Version: 13.0.0.0)
SIW version 2011.10.29 (Version: 2011.10.29)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
SpywareBlaster 4.6 (Version: 4.6.0)
Status (Version: 130.0.469.000)
SUPERAntiSpyware (Version: 5.6.1014)
swMSM (Version: 12.0.0.1)
System Requirements Lab CYRI (Version: 4.5.1.0)
Task Catcher (Version: 1.4)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.5 (Version: 2.0.5)
WebReg (Version: 130.0.132.017)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
WinPatrol (Version: 26.1.2013.0)
WOT for Internet Explorer (Version: 11.11.7.0)
WOT for Internet Explorer (Version: 12.8.2.0)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 2679.37 MB
Available physical RAM: 1575.39 MB
Total Pagefile: 5357.02 MB
Available Pagefile: 3917.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.43 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:186.3 GB) (Free:127.68 GB) NTFS
2 Drive d: (MADDEN05) (CDROM) (Total:0.68 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\JOHN-PC

Administrator Guest John
UpdatusUser

========================= Restore Points ==================================

22-01-2013 16:59:08 Windows Update
22-01-2013 17:04:41 Revo Uninstaller's restore point - 7-Zip 9.20
25-01-2013 15:01:21 HPSF Restore Point
26-01-2013 18:28:10 Revo Uninstaller's restore point - Spybot - Search & Destroy
29-01-2013 13:13:07 Windows Update
01-02-2013 21:54:16 Revo Uninstaller's restore point - Strongvault Online Backup
01-02-2013 21:57:22 Revo Uninstaller's restore point - Strongvault Online Backup
01-02-2013 21:59:58 Restore Point before Strongvault Online Backup was removed using Program Install and Uninstall troubleshooter
01-02-2013 22:00:53 Strongvault Online Backup
01-02-2013 22:44:57 Installed Microsoft Fix it 50906

**** End of log ****




FARBAR SERVICE SCANNER:




Farbar Service Scanner Version: 30-01-2013
Ran by John (administrator) on 01-02-2013 at 17:06:15
Running from "C:\Users\John\Downloads"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



ADWARE CLEANER:



# AdwCleaner v2.109 - Logfile created 02/01/2013 at 16:58:04
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : John - JOHN-PC
# Boot Mode : Normal
# Running from : C:\Users\John\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\7twm7xr7.default\searchplugins\Conduit.xml
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\John\AppData\Local\Conduit
Folder Deleted : C:\Users\John\AppData\Local\Temp\CT3279141
Folder Deleted : C:\Users\John\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\John\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\7twm7xr7.default\extensions\{f0e59437-6148-4a98-b0a6-60d557ef57f4}
Folder Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\7twm7xr7.default\extensions\staged

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\7twm7xr7.default\prefs.js

C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\7twm7xr7.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("CT3279141.autoDisableScopes", -1);
Deleted : user_pref("CT3279141.UserID", "UN35081578722892627");
Deleted : user_pref("ct3279141.UserID", "UN35081578722892627");
Deleted : user_pref("CT3279141.installDate", "1/2/2013 12:46:47");
Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.google.com/");
Deleted : user_pref("CT3279141.smartbar.homepage", "true");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3279141&SearchSource=13&ssp[...]
Deleted : user_pref("CT3279141.startPageXPETakeover", "true");
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279141&SearchSource=13[...]
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&Sea[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke B Customized Web Search");
Deleted : user_pref("browser.search.selectedEngine", "WhiteSmoke B Customized Web Search");
Deleted : user_pref("CT3279141.browser.search.defaultthis.engineName", "true");
Deleted : user_pref("CT3279141.defaultSearchXPETakeover", "true");
Deleted : user_pref("smartbar.originalSearchEngine", "");
Deleted : user_pref("smartbar.originalSearchAddressUrl", "");
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=2&CU[...]
Deleted : user_pref("CT3279141.keyword", "true");
Deleted : user_pref("CT3279141.addressUrlXPETakeover", "true");
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]

-\\ Google Chrome v24.0.1312.56

File : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.65] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.68] : keyword = "search.conduit.com",
Deleted [l.71] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN26[...]

*************************

AdwCleaner[S1].txt - [5420 octets] - [01/02/2013 16:58:04]

########## EOF - C:\AdwCleaner[S1].txt - [5480 octets] ##########

#6 jaguiar45


Posted 01 February 2013 - 08:44 PM

JUNKWARE REMOVAL TOOL:



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.8 (01.31.2013:1)
OS: Windows 7 Professional x86
Ran by John on Fri 02/01/2013 at 17:20:01.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup
Successfully deleted: [Registry Key] hkey_local_machine\software\systweak



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\John\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Successfully deleted the following from C:\Users\John\AppData\Roaming\mozilla\firefox\profiles\7twm7xr7.default\prefs.js

user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !impor
user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
user_pref("extensions.wrc.SearchRules.baidu.com.style", ".WRCN {display:none} .result .f .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
user_pref("extensions.wrc.SearchRules.baidu.com.url", "^hxxp\\:\\/\\/www\\.baidu\\.com\\/.*");
user_pref("extensions.wrc.SearchRules.excite.com.style", ".WRCN {display:none} .searchResult .resultTitlePane .WRCN {display:inline !important; background: url(\"IMAGE\") righ
user_pref("extensions.wrc.SearchRules.excite.com.url", "^hxxp\\\\:\\\\/\\\\/msxml\\\\.excite\\\\.com\\\\/search\\\\/.*");
Emptied folder: C:\Users\John\AppData\Roaming\mozilla\firefox\profiles\7twm7xr7.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/01/2013 at 17:33:07.16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



RKILL:



Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/01/2013 05:36:02 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

20 out of 15318 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 02/01/2013 05:36:16 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)



AUTORUNS (NOT SURE IF I DID AUTORUNS RIGHT. I CLICKED FILE>SAVE>SAVE AS Autoruns.txt>FILE TYPE .txt AND IT LOOKS PRETTY SCRAMBLED, SO I AM NOT SURE IF THIS IS RIGHT. COULD YOU PLEASE EXPLAIN HOW?):


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
X "hpqSRMon" "HpqSRmon" "Hewlett-Packard" "c:\program files\hp\digital imaging\bin\hpqsrmon.exe"
X "SunJavaUpdateSched" "" "" "File not found: C:\Program Files\Common Files\Java\Java Update\jusched.exe"
+ "Task Catcher" "Task Catcher System Monitor" "BillP Studios" "c:\program files\billp studios\task catcher\tasktrap.exe"
X "UnlockerAssistant" "" "" "c:\program files\unlocker\unlockerassistant.exe"
+ "WinPatrol" "WinPatrol System Monitor" "BillP Studios" "c:\program files\billp studios\winpatrol\winpatrol.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
X "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqtra08.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
X "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
X "PCShowServer" "PC Show power management wrapper" "NDS Technologies" "c:\users\john\appdata\local\directv player\pcshowserverpmwrapper.exe"
X "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
X "belarc" "Belarc VoilaX Control" "Belarc, Inc." "c:\program files\belarc\advisor\system\bavoilax.dll"
+ "wot" "" "" "c:\program files\wot\wot.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
X "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
X "Glary Utilities" "Context Menu Handler" "Glarysoft Ltd" "c:\program files\glary utilities\contexthandler.dll"
X "OnlineProtectMenu" "" "" "File not found: C:\Users\John\AppData\Local\Strongvault Online Backup\CtxMenu.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
X "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
X "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
X "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
X "Glary Utilities" "Context Menu Handler" "Glarysoft Ltd" "c:\program files\glary utilities\contexthandler.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
X "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
X "OnlineProtectMenu" "" "" "File not found: C:\Users\John\AppData\Local\Strongvault Online Backup\CtxMenu.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
X "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
X "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "RealNetworks Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealDownloader" "c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll"
+ "WOT Helper" "" "" "c:\program files\wot\wot.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "WOT" "" "" "c:\program files\wot\wot.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
"Task Scheduler" "" "" ""
+ "\AmiUpdXp" "" "" "File not found: C:\Users\John\AppData\Local\SwvUpdater\Updater.exe"
+ "\avast! Emergency Update" "avast! Emergency Update" "AVAST Software" "c:\program files\avast software\avast\avastemupdate.exe"
X "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
X "\GlaryInitialize" "Glary Utilities Initialize" "Glarysoft Ltd" "c:\program files\glary utilities\initialize.exe"
X "\GoogleUpdateTaskUserS-1-5-21-513826240-3793976892-1876046988-1000Core" "Google Installer" "Google Inc." "c:\users\john\appdata\local\google\update\googleupdate.exe"
X "\GoogleUpdateTaskUserS-1-5-21-513826240-3793976892-1876046988-1000UA" "Google Installer" "Google Inc." "c:\users\john\appdata\local\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp support framework\resources\hpsfmessenger\hpsfmsgr.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up" "HPTuneUp" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp support framework\hptuneup.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Tuneup" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\Update Check" "HP Support Assistant Updater" "Hewlett-Packard" "c:\programdata\hewlett-packard\hp support framework\resources\updater\hpsfupdater.exe"
+ "\HPCeeScheduleForJohn" "HP Ceement" "Hewlett-Packard" "c:\program files\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RealDownloaderDownloaderScheduledTaskS-1-5-21-513826240-3793976892-1876046988-1000" "RealDownloader" "RealNetworks, Inc." "c:\program files\realnetworks\realdownloader\recordingmanager.exe"
+ "\RealDownloaderRealUpgradeLogonTaskS-1-5-21-513826240-3793976892-1876046988-1000" "RealUpgrade" "RealNetworks, Inc." "c:\program files\realnetworks\realdownloader\realupgrade.exe"
+ "\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-513826240-3793976892-1876046988-1000" "RealUpgrade" "RealNetworks, Inc." "c:\program files\realnetworks\realdownloader\realupgrade.exe"
+ "\{58A5539D-D4A1-4A6A-812C-DEEC51C2DA0D}" "WinPatrol System Monitor" "BillP Studios" "c:\program files\billp studios\winpatrol\winpatrol.exe"
X "\{8148AB0F-B22E-4BAC-ACD4-85EB26B304EC}" "" "" "c:\program files\ea sports\madden nfl 2005\madden05.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
X "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqddsvc.dll"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files\hewlett-packard\shared\hpqwmiex.exe"
X "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "" "File not found: C:\Users\John\AppData\Local\Temp\7zS70EC\hpslpsvc32.dll"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
X "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files\nvidia corporation\nvidia update core\daemonu.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "RealNetworks Downloader Resolver Service" "Manage different Downloader versions in RealNetworks' products." "" "c:\program files\realnetworks\realdownloader\rndlresolversvc.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMBR" "" "" "File not found: C:\Users\John\AppData\Local\Temp\aswMBR.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
X "dgderdrv" "" "" "File not found: System32\drivers\dgderdrv.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMSwissArmy" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbamswissarmy.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mremp50.sys"
X "MREMPR5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"
X "MRENDIS5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mresp50.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 301.42 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8023xp" "Realtek 10/100 NDIS 5.1 Driver " "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtnicxp.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SWDUMon" "Driver Update Installer Monitor" "" "c:\windows\system32\drivers\swdumon.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PCL hpz3llhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3llhn.dll"
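
Added example, not part of the original thread or of any tool used in it: a Python sketch that parses the Autoruns text export in the layout pasted above and lists the rows worth a manual look (target file missing, orphan still enabled, no publisher, target under a user AppData folder). The tag names and the reading of `+`/`X` as enabled/disabled are this example's assumptions, and a flagged row is a review candidate, not a verdict.

```python
import re
from dataclasses import dataclass

# Rows copied from the Autoruns export posted in this thread (a short excerpt).
SAMPLE_EXPORT = r'''
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
X "SunJavaUpdateSched" "" "" "File not found: C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
X "OnlineProtectMenu" "" "" "File not found: C:\Users\John\AppData\Local\Strongvault Online Backup\CtxMenu.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "WOT" "" "" "c:\program files\wot\wot.dll"
"Task Scheduler" "" "" ""
+ "\AmiUpdXp" "" "" "File not found: C:\Users\John\AppData\Local\SwvUpdater\Updater.exe"
X "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
'''

FIELD = re.compile(r'"([^"]*)"')        # one double-quoted column
MISSING_PREFIX = "File not found: "     # marker shown in the export for a missing target
APPDATA = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\", re.IGNORECASE)


@dataclass
class Entry:
    section: str      # autostart location the row was listed under
    enabled: bool     # assumed: "+" = enabled, "X" = disabled
    name: str
    description: str
    publisher: str
    path: str         # target path with the "File not found: " prefix removed
    missing: bool


def parse_export(text):
    """Turn export rows into Entry objects, tracking the current section header."""
    entries, section = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                      # blank line or something that is not an export row
        if line.startswith('"'):
            section = fields[0]           # header row: location name plus three empty columns
        elif line[0] in "+X":
            name, description, publisher, image = fields
            missing = image.startswith(MISSING_PREFIX)
            path = image[len(MISSING_PREFIX):] if missing else image
            entries.append(Entry(section, line[0] == "+", name,
                                 description, publisher, path, missing))
    return entries


def triage(entry):
    """Return the review tags that apply to one entry (empty list = nothing notable)."""
    reasons = []
    if entry.missing:
        reasons.append("missing-file")        # leftover registration, target is gone
        if entry.enabled:
            reasons.append("enabled-orphan")  # still scheduled to run if the file returns
    elif not entry.publisher:
        reasons.append("no-publisher")        # file exists but carries no publisher string
    if APPDATA.match(entry.path):
        reasons.append("appdata-path")        # target lives in a per-user, user-writable folder
    return reasons


def review(text):
    """Flagged entries with their tags, most tags first (ties keep export order)."""
    flagged = [(e, triage(e)) for e in parse_export(text)]
    flagged = [(e, r) for e, r in flagged if r]
    return sorted(flagged, key=lambda item: -len(item[1]))


if __name__ == "__main__":
    for entry, reasons in review(SAMPLE_EXPORT):
        state = "enabled" if entry.enabled else "disabled"
        print(f"{entry.name} [{state}] in {entry.section}")
        print(f"    {entry.path}")
        print(f"    tags: {', '.join(reasons)}")
```

On this excerpt the Strongvault context-menu row shows up as a disabled leftover, while the `\AmiUpdXp` scheduled task is the only orphan that is still enabled.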

#7 narenxp


Posted 01 February 2013 - 09:57 PM

Go to

C:\Program Files\Strongvault Online Backup

Delete this folder. Current issues?

#8 jaguiar45


Posted 01 February 2013 - 10:19 PM

There are no issues now. What would some of the characteristics be of something like this? It did change my homepage in Google Chrome to Bing (I was able to change it back), but what other things should I look out for? And by the way, thanks, you guys really know what you are doing, once again. I wanted to ask you guys, why doesn't Bleeping Computer start up their own OS? You guys could kill Windows. -John

#9 narenxp


Posted 01 February 2013 - 10:23 PM

:lmao: Appreciate your feedback.

It also has a startup entry to load at startup. Other than that, we do not have enough information on it. We have just started noticing it on many systems.

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#10 bmullenix

bmullenix

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 02 February 2013 - 12:42 PM

I downloaded a free battery info program yesterday from CNET.com and picked up this piece of malware. It keeps giving me popups trying to get me to take a survey and seems to have slowed down my laptop. This is the second time I have downloaded a program from CNET and had malware loaded on my computer. I used to trust CNET but never again.

I think I have gotten rid of Strong Vault and what I did was run system restore back to the time I installed Battery Info. The first restore failed so I booted into safe mode and ran it again. This time it seems to be gone. Keeping my fingers crossed. When I get a piece of malware or virus the first thing I try to do is run system restore. It usually works.



