bhk

Trouble with a redirecting virus (logs)


Here are the logs requested. I may have received some malware or rootkits from my siblings downloading their games and whatnot, so if there is something needing clarification, I will try to explain known programs to the best of my abilities.

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.07.21.02
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
user :: USER-PC [administrator]
7/21/2013 1:04:29 PM
mbam-log-2013-07-21 (13-04-29).txt
Scan type: Full scan (C:|D:|F:|G:|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 394470
Time elapsed: 1 hour(s), 43 minute(s), 13 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: DeviceHarddiskVolume1
Install Date: 8/28/2011 5:05:46 AM
System Uptime: 7/21/2013 1:49:26 PM (3 hours ago)
.
Motherboard: eMachines | | WMCP78M
Processor: AMD Athlon Processor LE-1640 | Socket AM2 | 2700/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 241.696 GiB free.
D: is CDROM (UDF)
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP260: 7/6/2013 7:17:09 PM - Windows Update
RP261: 7/9/2013 3:04:04 PM - Windows Update
RP262: 7/13/2013 3:21:57 PM - Windows Update
RP263: 7/16/2013 4:48:47 PM - Windows Update
RP264: 7/20/2013 2:29:49 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
Adobe Shockwave Player 12.0
ANIWZCS2 Service
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
Bandicam
Bandisoft MPEG-1 Decoder
Bonjour
CCleaner
Compatibility Pack for the 2007 Office system
D-Link RangeBooster N DWA-140
Facebook Video Calling 1.2.0.287
Façade
GIMP 2.8.2
Google Chrome
Google Update Helper
Java 7 Update 25
Java Auto Updater
Java 6 Update 31
JavaFX 2.1.1
K-Lite Codec Pack 7.6.0 (Full)
LSI PCI-SV92EX Soft Modem
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Essentials
neroxml
NVIDIA 3D Vision Driver 311.06
NVIDIA Control Panel 311.06
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA Graphics Driver 311.06
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.11.3
NVIDIA Update Components
OGPlanet Game Launcher
Project64 1.6
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Rumble Fighter
swMSM
Synthesia (remove only)
VLC media player 1.1.11
Web Games Player Plugin
Windows Media Player Firefox Plugin
WinRAR 4.01 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
7/21/2013 3:58:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
7/21/2013 12:43:19 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/21/2013 12:43:19 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
.
==== End Of File ===========================

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by user at 16:16:06 on 2013-07-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.1552 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:Windowssystem32wininit.exe
C:Windowssystem32lsm.exe
C:Windowssystem32nvvsvc.exe
C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe
c:Program FilesMicrosoft Security ClientMsMpEng.exe
C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe
C:Windowssystem32nvvsvc.exe
C:WindowsSystem32spoolsv.exe
C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
C:Program FilesLSI SoftModemagrsmsvc.exe
C:Windowssystem32taskhost.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32ANIWConnService.exe
C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerbin32nSvcAppFlt.exe
C:Program FilesCommon FilesMotiveMcciCMService.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerbin32nSvcIp.exe
C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe
C:Program FilesRealRealPlayerUpdaterealsched.exe
C:Program FilesMicrosoft Security Clientmsseces.exe
C:Program FilesANIANIWZCS2 ServiceWZCSLDR2.exe
c:Program FilesMicrosoft Security ClientNisSrv.exe
C:Windowssystem32WUDFHost.exe
C:Program FilesD-LinkDWA-140 revBAirNCFG.exe
C:Program FilesCommon FilesJavaJava Updatejusched.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesNVIDIA CorporationDisplaynvtray.exe
C:Windowssystem32SearchIndexer.exe
C:Program FilesWindows Media Playerwmpnetwk.exe
C:Program FilesMalwarebytes' Anti-Malwarembam.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:WindowsservicingTrustedInstaller.exe
C:Windowssystem32NOTEPAD.EXE
C:Program FilesGoogleChromeApplicationchrome.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Windowssystem32SearchProtocolHost.exe
C:Windowssystem32SearchFilterHost.exe
C:Windowssystem32conhost.exe
C:Windowssystem32wbemwmiprvse.exe
C:Windowssystem32svchost.exe -k DcomLaunch
C:Windowssystem32svchost.exe -k RPCSS
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k LocalService
C:Windowssystem32svchost.exe -k netsvcs
C:Windowssystem32svchost.exe -k NetworkService
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation
C:Windowssystem32svchost.exe -k imgsvc
C:WindowsSystem32svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:program filesjavajre7binssv.dll
BHO: Gaming support for ArcadeWeb: {9F531FB1-7C1F-4E1A-8C0C-E8D6177130E2} - c:userskevinappdatalocalarcadewebarcadeweb32.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:program filesjavajre7binjp2ssv.dll
uRun: [sidebar] c:program fileswindows sidebarsidebar.exe /autoRun
uRun: [Facebook Update] "c:usersuserappdatalocalfacebookupdateFacebookUpdate.exe" /c /nocrashserver
mRun: [Adobe ARM] "c:program filescommon filesadobearm1.0AdobeARM.exe"
mRun: [QuickTime Task] "c:program filesquicktimeQTTask.exe" -atboottime
mRun: [NeroFilterCheck] c:program filescommon filesaheadlibNeroCheck.exe
mRun: [TkBellExe] "c:program filesrealrealplayerupdaterealsched.exe" -osboot
mRun: [MSC] "c:program filesmicrosoft security clientmsseces.exe" -hide -runkey
mRun: [ANIWZCS2Service] c:program filesanianiwzcs2 serviceWZCSLDR2.exe
mRun: [D-Link D-Link RangeBooster N DWA-140] c:program filesd-linkdwa-140 revbAirNCFG.exe
mRun: [sunJavaUpdateSched] "c:program filescommon filesjavajava updatejusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:progra~1micros~4office11EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:program filesnvidia corporationnetworkaccessmanagerbin32nvLsp.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces{02D5FD71-0423-4456-A10A-E06C98F3C7A9} : DHCPNameServer = 192.168.1.254
TCP: Interfaces{7BEB80D1-A2F0-4548-BE65-7AFF0EFCEE7B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces{7BEB80D1-A2F0-4548-BE65-7AFF0EFCEE7B}2375942554831393 : DHCPNameServer = 192.168.1.254
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:program filesgooglechromeapplication28.0.1500.72installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:usersuserappdataroamingmozillafirefoxprofilespn4snfid.default-1339735604840
FF - plugin: c:program filesadobereader 10.0readerairnppdf32.dll
FF - plugin: c:program filescommon filesmotivenpMotive.dll
FF - plugin: c:program filesgoogleupdate1.3.21.153npGoogleUpdate3.dll
FF - plugin: c:program filesjavajre7binplugin2npjp2.dll
FF - plugin: c:program filesmicrosoft silverlight5.1.20513.0npctrlui.dll
FF - plugin: c:program filesnvidia corporation3d visionnpnv3dv.dll
FF - plugin: c:program filesnvidia corporation3d visionnpnv3dvstreaming.dll
FF - plugin: c:programdatarealrealplayerbrowserrecordpluginmozillapluginsnprpchromebrowserrecordext.dll
FF - plugin: c:programdatarealrealplayerbrowserrecordpluginmozillapluginsnprphtml5videoshim.dll
FF - plugin: c:programdatazylomzylomgamesplayernpzylomgamesplayer.dll
FF - plugin: c:usersuserappdatalocalfacebookvideoskypenpFacebookVideoCalling.dll
FF - plugin: c:windowssystem32adobedirectornp32dsw_1200112.dll
FF - plugin: c:windowssystem32macromedflashNPSWF32_11_7_700_224.dll
FF - plugin: c:windowssystem32npDeployJava1.dll
FF - plugin: c:windowssystem32npmproxy.dll
FF - plugin: c:windowssystem32npOGPPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:windowssystem32driversMpFilter.sys [2013-1-20 195296]
R1 anodlwf;ANOD Network Security Filter driver;c:windowssystem32driversanodlwf.sys [2012-8-21 12800]
R2 ANIWConnService;ANIWConn Service;c:windowssystem32ANIWConnService.exe [2012-8-21 151552]
R2 NisDrv;Microsoft Network Inspection System;c:windowssystem32driversNisDrvWFP.sys [2011-4-27 100328]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program filesnvidia corporation3d visionnvSCPAPISvr.exe [2013-1-18 383264]
R3 MBAMSwissArmy;MBAMSwissArmy;c:windowssystem32driversmbamswissarmy.sys [2013-7-21 40776]
R3 NisSrv;Microsoft Network Inspection;c:program filesmicrosoft security clientNisSrv.exe [2013-1-27 295232]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2009-7-13 229888]
S3 netr28u;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:windowssystem32driversDnetr28u.sys [2012-8-21 750592]
S3 TsUsbFlt;TsUsbFlt;c:windowssystem32driversTsUsbFlt.sys [2011-8-28 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32watWatAdminSvc.exe [2011-8-28 1343400]
.
=============== Created Last 30 ================
.
2013-07-21 23:11:37 7143960 ----a-w- c:programdatamicrosoftmicrosoft antimalwaredefinition updates{d00a0f17-9635-42c6-95b1-175411bd2345}mpengine.dll
2013-07-21 20:04:21 40776 ----a-w- c:windowssystem32driversmbamswissarmy.sys
2013-07-20 21:30:40 7143960 ------w- c:programdatamicrosoftmicrosoft antimalwaredefinition updatesbackupmpengine.dll
2013-07-16 23:52:33 698504 ------w- c:programdatamicrosoftmicrosoft antimalwaredefinition updates{ed6e8730-ee75-4150-9b4f-87bbd5e9f401}gapaengine.dll
2013-07-09 22:03:05 509440 ----a-w- c:windowssystem32qedit.dll
2013-07-09 22:03:04 1620480 ----a-w- c:windowssystem32WMVDECOD.DLL
2013-07-09 22:03:04 1247744 ----a-w- c:windowssystem32DWrite.dll
2013-07-09 22:03:01 2347520 ----a-w- c:windowssystem32win32k.sys
2013-07-09 22:02:59 680960 ----a-w- c:program fileswindows defenderMpSvc.dll
2013-07-09 22:02:59 392704 ----a-w- c:program fileswindows defenderMpClient.dll
2013-07-09 22:02:59 224768 ----a-w- c:program fileswindows defenderMpCommu.dll
2013-07-09 22:02:50 988672 ----a-w- c:program fileswindows journalJNTFiltr.dll
2013-07-09 22:02:50 969216 ----a-w- c:program fileswindows journalJNWDRV.dll
2013-07-09 22:02:50 936448 ----a-w- c:program filescommon filesmicrosoft sharedinkjournal.dll
2013-07-09 22:02:49 1221632 ----a-w- c:program fileswindows journalNBDoc.DLL
2013-07-02 22:59:28 745472 ----a-w- c:windowssystem32MsSpellCheckingFacility.exe
2013-07-02 22:57:43 9728 ---ha-w- c:windowssystem32api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-02 09:11:11 74072 ----a-w- c:windowssystem32XAPOFX1_5.dll
2013-07-02 09:10:59 235856 ----a-w- c:windowssystem32xactengine3_3.dll
2013-07-02 09:07:31 -------- d--h--w- c:windowsmsdownld.tmp
2013-07-02 09:06:36 -------- d-----w- c:windowssystem32directx
2013-06-30 22:28:53 -------- d-----w- c:usersuserappdataroamingMalwarebytes
2013-06-30 22:28:31 -------- d-----w- c:programdataMalwarebytes
2013-06-30 22:28:29 22856 ----a-w- c:windowssystem32driversmbam.sys
2013-06-30 22:28:29 -------- d-----w- c:program filesMalwarebytes' Anti-Malware
2013-06-30 22:27:14 -------- d-----w- c:usersuserappdatalocalPrograms
.
==================== Find3M ====================
.
2013-07-21 19:43:26 71048 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl
2013-07-21 19:43:26 692104 ----a-w- c:windowssystem32FlashPlayerApp.exe
2013-07-02 22:57:43 4096 ---ha-w- c:windowssystem32api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-18 21:45:24 94632 ----a-w- c:windowssystem32WindowsAccessBridge.dll
2013-06-18 21:45:14 867240 ----a-w- c:windowssystem32npDeployJava1.dll
2013-06-18 21:45:14 789416 ----a-w- c:windowssystem32deployJava1.dll
2013-06-11 23:43:37 1767936 ----a-w- c:windowssystem32wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- c:windowssystem32jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- c:windowssystem32iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- c:windowssystem32iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- c:windowssystem32RegisterIEPKEYs.exe
2013-06-07 02:37:52 2706432 ----a-w- c:windowssystem32mshtml.tlb
2013-05-13 04:45:55 140288 ----a-w- c:windowssystem32cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- c:windowssystem32crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- c:windowssystem32cryptnet.dll
2013-05-13 03:08:10 903168 ----a-w- c:windowssystem32certutil.exe
2013-05-13 03:08:06 43008 ----a-w- c:windowssystem32certenc.dll
2013-05-08 05:38:00 1293672 ----a-w- c:windowssystem32driverstcpip.sys
2013-05-06 05:06:47 3968872 ----a-w- c:windowssystem32ntkrnlpa.exe
2013-05-06 05:06:47 3913576 ----a-w- c:windowssystem32ntoskrnl.exe
2013-05-02 15:28:50 238872 ------w- c:windowssystem32MpSigStub.exe
2013-04-26 04:55:21 492544 ----a-w- c:windowssystem32win32spl.dll
.
============= FINISH: 16:16:46.51 ===============


 

In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so will have your thread closed in THREE (3) days.

:)

 

Hello there, bhk

 


 

I'm Conspire, I'll be glad to help you with your computer problems.

 

Please observe these rules while we work:

* Read the entire procedure
* It is important to perform ALL actions in sequence.
* If you don't know, stop and ask! Don't keep going on.
* Please reply to this thread. Do not start a new topic.
* Stick with me till you're given the all clear.
* Remember, absence of symptoms does not mean the infection is all gone.
* Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.

 

---------------------------------------------------------------------------------------------------

 

Sorry for the delayed response. Do you still need help on this?

 

---------------------------------------------------------------------------------------------------


I ran into this issue again recently and would like some assistance to see if my computer is riddled with any kind of malicious program possibly installed from my siblings mistreating my computer. I tend to run into suspicious programs throughout the remnants of downloads and am not familiar with how to purge these programs. I can do another DDS run and MBAM scan to provide more updated logs if you'd like! I'd like to be informed about how to prevent this from happening again as well, as I don't believe Microsoft SE and MBAM are enough to keep those pesky infections away. I read a bit into rootkits and whatnot but would prefer to have experienced guidance in choosing which programs to use. Thanks for the future help!


Sure. Here goes

 

Please download aswMBR.exe and save it to your desktop.

* Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
* Allow it to update where necessary
* Click Scan
* Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
* You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

===================================================

 

Download TDSSKiller.exe and save it to your desktop

 

Execute TDSSKiller.exe by double-clicking on it.

Press Start Scan

If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.

Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

 

===================================================

 

On your next reply please post:

aswMBR log

MBR.dat (attachment)

TDSS Killer log

 

 

Please STOP and let me know if you have any problems performing the steps above or any questions you may have.

 

Good Day!


Hi! Sorry for the long wait. I had other things to attend to and it skipped my mind for a sec.

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-07-26 16:12:29
-----------------------------
16:12:29.179 OS Version: Windows 6.1.7601 Service Pack 1
16:12:29.180 Number of processors: 1 586 0x7F02
16:12:29.181 ComputerName: USER-PC UserName: user
16:12:31.029 Initialize success
16:13:15.092 Disk 0 (boot) DeviceHarddisk0DR0 -> Device0000005e
16:13:15.095 Disk 0 Vendor: ST332081 SD23 Size: 305245MB BusType: 3
16:13:15.188 Disk 0 MBR read successfully
16:13:15.191 Disk 0 MBR scan
16:13:15.195 Disk 0 Windows 7 default MBR code
16:13:15.205 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:13:15.210 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
16:13:15.218 Disk 0 scanning sectors +625139712
16:13:15.349 Disk 0 scanning C:Windowssystem32drivers
16:13:21.559 Service scanning
16:13:29.063 Service MpKsl93d78d3e c:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{3557D91F-FD7F-4102-9F93-319619FA9D41}MpKsl93d78d3e.sys **LOCKED** 32
16:13:40.232 Modules scanning
16:13:52.508 Disk 0 trace - called modules:
16:13:52.552 ntkrnlpa.exe CLASSPNP.SYS disk.sys storport.sys halmacpi.dll nvstor32.sys
16:13:52.558 1 nt!IofCallDriver -> DeviceHarddisk0DR0[0x85cd1030]
16:13:52.802 3 CLASSPNP.SYS[8a97259e] -> nt!IofCallDriver -> Device0000005e[0x85781c68]
16:13:52.828 Scan finished successfully
16:14:24.328 Disk 0 MBR has been saved successfully to "C:UsersuserDesktopMBR.dat"
16:14:24.343 The log file has been saved successfully to "C:UsersuserDesktopaswMBR.txt"

 

 

16:21:43.0966 3184 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:21:44.0507 3184 ============================================================
16:21:44.0507 3184 Current date / time: 2013/07/26 16:21:44.0507
16:21:44.0507 3184 SystemInfo:
16:21:44.0507 3184
16:21:44.0507 3184 OS Version: 6.1.7601 ServicePack: 1.0
16:21:44.0507 3184 Product type: Workstation
16:21:44.0507 3184 ComputerName: USER-PC
16:21:44.0508 3184 UserName: user
16:21:44.0508 3184 Windows directory: C:Windows
16:21:44.0508 3184 System windows directory: C:Windows
16:21:44.0508 3184 Processor architecture: Intel x86
16:21:44.0508 3184 Number of processors: 1
16:21:44.0508 3184 Page size: 0x1000
16:21:44.0508 3184 Boot type: Normal boot
16:21:44.0508 3184 ============================================================
16:21:46.0848 3184 Drive DeviceHarddisk0DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:21:46.0858 3184 ============================================================
16:21:46.0858 3184 DeviceHarddisk0DR0:
16:21:46.0859 3184 MBR partitions:
16:21:46.0859 3184 DeviceHarddisk0DR0Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:21:46.0859 3184 DeviceHarddisk0DR0Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
16:21:46.0859 3184 ============================================================
16:21:46.0891 3184 C: <-> DeviceHarddisk0DR0Partition2
16:21:46.0891 3184 ============================================================
16:21:46.0892 3184 Initialize success
16:21:46.0892 3184 ============================================================
16:23:24.0402 0100 ============================================================
16:23:24.0402 0100 Scan started
16:23:24.0403 0100 Mode: Manual;
16:23:24.0403 0100 ============================================================
16:23:24.0601 0100 ================ Scan system memory ========================
16:23:24.0601 0100 System memory - ok
16:23:24.0604 0100 ================ Scan services =============================
16:23:39.0792 0100 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:WindowsSystem32lsass.exe
16:23:39.0794 0100 EFS - ok
16:23:39.0852 0100 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:WindowsehomeehRecvr.exe
16:23:39.0870 0100 ehRecvr - ok
16:23:39.0897 0100 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:Windowsehomeehsched.exe
16:23:39.0900 0100 ehSched - ok
16:23:39.0944 0100 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:Windowssystem32DRIVERSelxstor.sys
16:23:39.0962 0100 elxstor - ok
16:23:39.0983 0100 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:Windowssystem32driverserrdev.sys
16:23:39.0984 0100 ErrDev - ok
16:23:40.0049 0100 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:Windowssystem32es.dll
16:23:40.0054 0100 EventSystem - ok
16:23:40.0082 0100 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:Windowssystem32driversexfat.sys
16:23:40.0085 0100 exfat - ok
16:23:40.0111 0100 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:Windowssystem32driversfastfat.sys
16:23:40.0115 0100 fastfat - ok
16:23:40.0166 0100 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:Windowssystem32fxssvc.exe
16:23:40.0184 0100 Fax - ok
16:23:40.0216 0100 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:Windowssystem32DRIVERSfdc.sys
16:23:40.0217 0100 fdc - ok
16:23:40.0257 0100 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:Windowssystem32fdPHost.dll
16:23:40.0291 0100 fdPHost - ok
16:23:40.0309 0100 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:Windowssystem32fdrespub.dll
16:23:40.0311 0100 FDResPub - ok
16:23:40.0334 0100 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:Windowssystem32driversfileinfo.sys
16:23:40.0336 0100 FileInfo - ok
16:23:40.0354 0100 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:Windowssystem32driversfiletrace.sys
16:23:40.0356 0100 Filetrace - ok
16:23:40.0380 0100 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:Windowssystem32DRIVERSflpydisk.sys
16:23:40.0383 0100 flpydisk - ok
16:23:40.0417 0100 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:Windowssystem32driversfltmgr.sys
16:23:40.0429 0100 FltMgr - ok
16:23:40.0506 0100 [ E12C4928B32ACE04610259647F072635 ] FontCache C:Windowssystem32FntCache.dll
16:23:40.0543 0100 FontCache - ok
16:23:40.0604 0100 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe
16:23:40.0607 0100 FontCache3.0.0.0 - ok
16:23:40.0677 0100 [ B53D64A7BA4BC661B0BAF6453F6FC743 ] ForceWare Intelligent Application Manager (IAM) C:Program FilesNVIDIA CorporationNetworkAccessManagerbin32nSvcAppFlt.exe
16:23:40.0691 0100 ForceWare Intelligent Application Manager (IAM) - ok
16:23:40.0727 0100 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:Windowssystem32driversFsDepends.sys
16:23:40.0731 0100 FsDepends - ok
16:23:40.0759 0100 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:Windowssystem32driversFs_Rec.sys
16:23:40.0760 0100 Fs_Rec - ok
16:23:40.0805 0100 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:Windowssystem32DRIVERSfvevol.sys
16:23:40.0808 0100 fvevol - ok
16:23:40.0836 0100 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:Windowssystem32DRIVERSgagp30kx.sys
16:23:40.0838 0100 gagp30kx - ok
16:23:40.0870 0100 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:Windowssystem32DRIVERSGEARAspiWDM.sys
16:23:40.0872 0100 GEARAspiWDM - ok
16:23:40.0914 0100 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:WindowsSystem32gpsvc.dll
16:23:40.0932 0100 gpsvc - ok
16:23:40.0989 0100 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:Program FilesGoogleUpdateGoogleUpdate.exe
16:23:40.0993 0100 gupdate - ok
16:23:41.0005 0100 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:Program FilesGoogleUpdateGoogleUpdate.exe
16:23:41.0006 0100 gupdatem - ok
16:23:41.0049 0100 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:Windowssystem32DRIVERShamachi.sys
16:23:41.0051 0100 hamachi - ok
16:23:41.0080 0100 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:Windowssystem32drivershcw85cir.sys
16:23:41.0082 0100 hcw85cir - ok
16:23:41.0125 0100 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:Windowssystem32driversHdAudio.sys
16:23:41.0132 0100 HdAudAddService - ok
16:23:41.0167 0100 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:Windowssystem32driversHDAudBus.sys
16:23:41.0172 0100 HDAudBus - ok
16:23:41.0215 0100 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:Windowssystem32DRIVERSHidBatt.sys
16:23:41.0217 0100 HidBatt - ok
16:23:41.0241 0100 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:Windowssystem32DRIVERShidbth.sys
16:23:41.0243 0100 HidBth - ok
16:23:41.0268 0100 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:Windowssystem32DRIVERShidir.sys
16:23:41.0270 0100 HidIr - ok
16:23:41.0318 0100 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:Windowssystem32hidserv.dll
16:23:41.0321 0100 hidserv - ok
16:23:41.0371 0100 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:Windowssystem32DRIVERShidusb.sys
16:23:41.0373 0100 HidUsb - ok
16:23:41.0404 0100 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:Windowssystem32kmsvc.dll
16:23:41.0407 0100 hkmsvc - ok
16:23:41.0433 0100 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:Windowssystem32ListSvc.dll
16:23:41.0438 0100 HomeGroupListener - ok
16:23:41.0471 0100 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:Windowssystem32provsvc.dll
16:23:41.0476 0100 HomeGroupProvider - ok
16:23:41.0508 0100 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:Windowssystem32driversHpSAMD.sys
16:23:41.0510 0100 HpSAMD - ok
16:23:41.0550 0100 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:Windowssystem32driversHTTP.sys
16:23:41.0566 0100 HTTP - ok
16:23:41.0597 0100 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:Windowssystem32drivershwpolicy.sys
16:23:41.0599 0100 hwpolicy - ok
16:23:41.0636 0100 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:Windowssystem32driversi8042prt.sys
16:23:41.0638 0100 i8042prt - ok
16:23:41.0666 0100 [ A3CAE5D281DB4CFF7CFF8233507EE5AD ] iaStorV C:Windowssystem32driversiaStorV.sys
16:23:41.0672 0100 iaStorV - ok
16:23:41.0723 0100 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:WindowsMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe
16:23:41.0741 0100 idsvc - ok
16:23:41.0773 0100 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:Windowssystem32DRIVERSiirsp.sys
16:23:41.0774 0100 iirsp - ok
16:23:41.0820 0100 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:WindowsSystem32ikeext.dll
16:23:41.0838 0100 IKEEXT - ok
16:23:41.0860 0100 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:Windowssystem32driversintelide.sys
16:23:41.0861 0100 intelide - ok
16:23:41.0891 0100 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:Windowssystem32DRIVERSintelppm.sys
16:23:41.0892 0100 intelppm - ok
16:23:41.0928 0100 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:Windowssystem32ipbusenum.dll
16:23:41.0933 0100 IPBusEnum - ok
16:23:41.0953 0100 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:Windowssystem32DRIVERSipfltdrv.sys
16:23:41.0955 0100 IpFilterDriver - ok
16:23:42.0009 0100 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:WindowsSystem32iphlpsvc.dll
16:23:42.0018 0100 iphlpsvc - ok
16:23:42.0056 0100 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:Windowssystem32driversIPMIDrv.sys
16:23:42.0058 0100 IPMIDRV - ok
16:23:42.0085 0100 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:Windowssystem32driversipnat.sys
16:23:42.0087 0100 IPNAT - ok
16:23:42.0110 0100 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:Windowssystem32driversirenum.sys
16:23:42.0111 0100 IRENUM - ok
16:23:42.0135 0100 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:Windowssystem32driversisapnp.sys
16:23:42.0137 0100 isapnp - ok
16:23:42.0161 0100 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:Windowssystem32driversmsiscsi.sys
16:23:42.0166 0100 iScsiPrt - ok
16:23:42.0200 0100 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:Windowssystem32driverskbdclass.sys
16:23:42.0202 0100 kbdclass - ok
16:23:42.0235 0100 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:Windowssystem32driverskbdhid.sys
16:23:42.0294 0100 kbdhid - ok
16:23:42.0333 0100 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:Windowssystem32lsass.exe
16:23:42.0337 0100 KeyIso - ok
16:23:42.0376 0100 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:Windowssystem32Driversksecdd.sys
16:23:42.0378 0100 KSecDD - ok
16:23:42.0402 0100 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:Windowssystem32Driversksecpkg.sys
16:23:42.0405 0100 KSecPkg - ok
16:23:42.0443 0100 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:Windowssystem32msdtckrm.dll
16:23:42.0450 0100 KtmRm - ok
16:23:42.0485 0100 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:Windowssystem32srvsvc.dll
16:23:42.0491 0100 LanmanServer - ok
16:23:42.0525 0100 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:WindowsSystem32wkssvc.dll
16:23:42.0531 0100 LanmanWorkstation - ok
16:23:42.0576 0100 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:Windowssystem32DRIVERSlltdio.sys
16:23:42.0578 0100 lltdio - ok
16:23:42.0611 0100 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:WindowsSystem32lltdsvc.dll
16:23:42.0618 0100 lltdsvc - ok
16:23:42.0647 0100 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:WindowsSystem32lmhsvc.dll
16:23:42.0650 0100 lmhosts - ok
16:23:42.0681 0100 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:Windowssystem32DRIVERSlsi_fc.sys
16:23:42.0684 0100 LSI_FC - ok
16:23:42.0697 0100 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:Windowssystem32DRIVERSlsi_sas.sys
16:23:42.0700 0100 LSI_SAS - ok
16:23:42.0724 0100 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:Windowssystem32DRIVERSlsi_sas2.sys
16:23:42.0726 0100 LSI_SAS2 - ok
16:23:42.0751 0100 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:Windowssystem32DRIVERSlsi_scsi.sys
16:23:42.0754 0100 LSI_SCSI - ok
16:23:42.0782 0100 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:Windowssystem32driversluafv.sys
16:23:42.0785 0100 luafv - ok
16:23:42.0834 0100 [ E6CB119EF2E148EAA1A247343550756E ] McciCMService C:Program FilesCommon FilesMotiveMcciCMService.exe
16:23:42.0840 0100 McciCMService - ok
16:23:42.0864 0100 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:Windowssystem32Mcx2Svc.dll
16:23:42.0868 0100 Mcx2Svc - ok
16:23:42.0885 0100 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:Windowssystem32DRIVERSmegasas.sys
16:23:42.0887 0100 megasas - ok
16:23:42.0916 0100 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:Windowssystem32DRIVERSMegaSR.sys
16:23:42.0920 0100 MegaSR - ok
16:23:42.0949 0100 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:Windowssystem32mmcss.dll
16:23:42.0951 0100 MMCSS - ok
16:23:42.0970 0100 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:Windowssystem32driversmodem.sys
16:23:42.0971 0100 Modem - ok
16:23:42.0998 0100 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:Windowssystem32DRIVERSmonitor.sys
16:23:43.0000 0100 monitor - ok
16:23:43.0036 0100 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:Windowssystem32driversmouclass.sys
16:23:43.0038 0100 mouclass - ok
16:23:43.0064 0100 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:Windowssystem32DRIVERSmouhid.sys
16:23:43.0066 0100 mouhid - ok
16:23:43.0097 0100 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:Windowssystem32driversmountmgr.sys
16:23:43.0099 0100 mountmgr - ok
16:23:43.0165 0100 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
16:23:43.0168 0100 MozillaMaintenance - ok
16:23:43.0225 0100 [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter C:Windowssystem32DRIVERSMpFilter.sys
16:23:43.0230 0100 MpFilter - ok
16:23:43.0265 0100 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:Windowssystem32driversmpio.sys
16:23:43.0268 0100 mpio - ok
16:23:43.0381 0100 [ A69630D039C38018689190234F866D77 ] MpKsl93d78d3e c:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{3557D91F-FD7F-4102-9F93-319619FA9D41}MpKsl93d78d3e.sys
16:23:43.0383 0100 MpKsl93d78d3e - ok
16:23:43.0435 0100 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:Windowssystem32driversmpsdrv.sys
16:23:43.0438 0100 mpsdrv - ok
16:23:43.0491 0100 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:Windowssystem32mpssvc.dll
16:23:43.0513 0100 MpsSvc - ok
16:23:43.0560 0100 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:PROGRA~1COMMON~1MotiveMREMP50.SYS
16:23:43.0564 0100 MREMP50 - ok
16:23:43.0574 0100 MREMPR5 - ok
16:23:43.0585 0100 MRENDIS5 - ok
16:23:43.0618 0100 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:PROGRA~1COMMON~1MotiveMRESP50.SYS
16:23:43.0621 0100 MRESP50 - ok
16:23:43.0655 0100 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:Windowssystem32driversmrxdav.sys
16:23:43.0659 0100 MRxDAV - ok
16:23:43.0693 0100 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:Windowssystem32DRIVERSmrxsmb.sys
16:23:43.0697 0100 mrxsmb - ok
16:23:43.0721 0100 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:Windowssystem32DRIVERSmrxsmb10.sys
16:23:43.0732 0100 mrxsmb10 - ok
16:23:43.0748 0100 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:Windowssystem32DRIVERSmrxsmb20.sys
16:23:43.0751 0100 mrxsmb20 - ok
16:23:43.0773 0100 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:Windowssystem32driversmsahci.sys
16:23:43.0775 0100 msahci - ok
16:23:43.0800 0100 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:Windowssystem32driversmsdsm.sys
16:23:43.0804 0100 msdsm - ok
16:23:43.0832 0100 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:WindowsSystem32msdtc.exe
16:23:43.0863 0100 MSDTC - ok
16:23:43.0891 0100 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:Windowssystem32driversMsfs.sys
16:23:43.0893 0100 Msfs - ok
16:23:43.0917 0100 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:WindowsSystem32driversmshidkmdf.sys
16:23:43.0918 0100 mshidkmdf - ok
16:23:43.0945 0100 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:Windowssystem32driversmsisadrv.sys
16:23:43.0947 0100 msisadrv - ok
16:23:43.0980 0100 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:Windowssystem32iscsiexe.dll
16:23:43.0985 0100 MSiSCSI - ok
16:23:43.0997 0100 msiserver - ok
16:23:44.0032 0100 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:Windowssystem32driversMSKSSRV.sys
16:23:44.0041 0100 MSKSSRV - ok
16:23:44.0129 0100 [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc c:Program FilesMicrosoft Security ClientMsMpEng.exe
16:23:44.0131 0100 MsMpSvc - ok
16:23:44.0193 0100 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:Windowssystem32driversMSPCLOCK.sys
16:23:44.0201 0100 MSPCLOCK - ok
16:23:44.0242 0100 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:Windowssystem32driversMSPQM.sys
16:23:44.0284 0100 MSPQM - ok
16:23:44.0314 0100 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:Windowssystem32driversMsRPC.sys
16:23:44.0318 0100 MsRPC - ok
16:23:44.0363 0100 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:Windowssystem32driversmssmbios.sys
16:23:44.0365 0100 mssmbios - ok
16:23:44.0381 0100 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:Windowssystem32driversMSTEE.sys
16:23:44.0383 0100 MSTEE - ok
16:23:44.0406 0100 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:Windowssystem32DRIVERSMTConfig.sys
16:23:44.0407 0100 MTConfig - ok
16:23:44.0428 0100 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:Windowssystem32Driversmup.sys
16:23:44.0433 0100 Mup - ok
16:23:44.0460 0100 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:Windowssystem32qagentRT.dll
16:23:44.0469 0100 napagent - ok
16:23:44.0516 0100 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:Windowssystem32DRIVERSnwifi.sys
16:23:44.0521 0100 NativeWifiP - ok
16:23:44.0554 0100 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:Windowssystem32driversndis.sys
16:23:44.0570 0100 NDIS - ok
16:23:44.0597 0100 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:Windowssystem32DRIVERSndiscap.sys
16:23:44.0600 0100 NdisCap - ok
16:23:44.0633 0100 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:Windowssystem32DRIVERSndistapi.sys
16:23:44.0634 0100 NdisTapi - ok
16:23:44.0683 0100 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:Windowssystem32DRIVERSndisuio.sys
16:23:44.0685 0100 Ndisuio - ok
16:23:44.0710 0100 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:Windowssystem32DRIVERSndiswan.sys
16:23:44.0714 0100 NdisWan - ok
16:23:44.0736 0100 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:Windowssystem32driversNDProxy.sys
16:23:44.0748 0100 NDProxy - ok
16:23:44.0778 0100 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:Windowssystem32DRIVERSnetbios.sys
16:23:44.0781 0100 NetBIOS - ok
16:23:44.0819 0100 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:Windowssystem32DRIVERSnetbt.sys
16:23:44.0822 0100 NetBT - ok
16:23:44.0847 0100 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:Windowssystem32lsass.exe
16:23:44.0849 0100 Netlogon - ok
16:23:44.0900 0100 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:WindowsSystem32netman.dll
16:23:44.0906 0100 Netman - ok
16:23:44.0926 0100 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:WindowsSystem32netprofm.dll
16:23:44.0934 0100 netprofm - ok
16:23:44.0991 0100 [ A503A03EBD988483ACD723166470BCA2 ] netr28u C:Windowssystem32DRIVERSDnetr28u.sys
16:23:45.0009 0100 netr28u - ok
16:23:45.0037 0100 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:WindowsMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe
16:23:45.0040 0100 NetTcpPortSharing - ok
16:23:45.0086 0100 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:Windowssystem32DRIVERSnfrd960.sys
16:23:45.0087 0100 nfrd960 - ok
16:23:45.0140 0100 [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:Windowssystem32DRIVERSNisDrvWFP.sys
16:23:45.0142 0100 NisDrv - ok
16:23:45.0168 0100 [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv c:Program FilesMicrosoft Security ClientNisSrv.exe
16:23:45.0183 0100 NisSrv - ok
16:23:45.0215 0100 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:WindowsSystem32nlasvc.dll
16:23:45.0221 0100 NlaSvc - ok
16:23:45.0284 0100 [ 193FA51DDDD0BFFDED1C340F0434999A ] NMIndexingService C:Program FilesCommon FilesAheadLibNMIndexingService.exe
16:23:45.0294 0100 NMIndexingService - ok
16:23:45.0339 0100 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:Windowssystem32driversNpfs.sys
16:23:45.0342 0100 Npfs - ok
16:23:45.0394 0100 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:Windowssystem32nsisvc.dll
16:23:45.0398 0100 nsi - ok
16:23:45.0424 0100 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:Windowssystem32driversnsiproxy.sys
16:23:45.0426 0100 nsiproxy - ok
16:23:45.0477 0100 [ 168437A522D178DF6A372F09782B084F ] nSvcIp C:Program FilesNVIDIA CorporationNetworkAccessManagerbin32nSvcIp.exe
16:23:45.0482 0100 nSvcIp - ok
16:23:45.0537 0100 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:Windowssystem32driversNtfs.sys
16:23:45.0561 0100 Ntfs - ok
16:23:45.0594 0100 [ F9756A98D69098DCA8945D62858A812C ] Null C:Windowssystem32driversNull.sys
16:23:45.0597 0100 Null - ok
16:23:45.0650 0100 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:Windowssystem32DRIVERSnvm62x32.sys
16:23:45.0656 0100 NVENETFD - ok
16:23:45.0823 0100 [ B69E6F70CE1151C8D62ABC9DEF64DFBE ] nvlddmkm C:Windowssystem32DRIVERSnvlddmkm.sys
16:23:46.0008 0100 nvlddmkm - ok
16:23:46.0043 0100 [ C9C82E1A08955FDBDF92AAC55BC3A4E4 ] NVNET C:Windowssystem32DRIVERSnvmf6232.sys
16:23:46.0049 0100 NVNET - ok
16:23:46.0100 0100 [ AF2EEC9580C1D32FB7EAF105D9784061 ] nvraid C:Windowssystem32driversnvraid.sys
16:23:46.0103 0100 nvraid - ok
16:23:46.0125 0100 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:Windowssystem32DRIVERSnvsmu.sys
16:23:46.0126 0100 nvsmu - ok
16:23:46.0158 0100 [ 9283C58EBAA2618F93482EB5DABCEC82 ] nvstor C:Windowssystem32driversnvstor.sys
16:23:46.0161 0100 nvstor - ok
16:23:46.0191 0100 [ 032EF66DD96692AD3A9D36160F467F67 ] nvstor32 C:Windowssystem32DRIVERSnvstor32.sys
16:23:46.0193 0100 nvstor32 - ok
16:23:46.0237 0100 [ E4284FCF99FEA13A7E1836F87AE356F6 ] nvsvc C:Windowssystem32nvvsvc.exe
16:23:46.0261 0100 nvsvc - ok
16:23:46.0334 0100 [ 03E60E0BFA53ED15DC984FA34B44BB0F ] nvUpdatusService C:Program FilesNVIDIA CorporationNVIDIA Update Coredaemonu.exe
16:23:46.0360 0100 nvUpdatusService - ok
16:23:46.0385 0100 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:Windowssystem32driversnv_agp.sys
16:23:46.0387 0100 nv_agp - ok
16:23:46.0411 0100 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:Windowssystem32driversohci1394.sys
16:23:46.0416 0100 ohci1394 - ok
16:23:46.0458 0100 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE
16:23:46.0460 0100 ose - ok
16:23:46.0494 0100 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:Windowssystem32pnrpsvc.dll
16:23:46.0502 0100 p2pimsvc - ok
16:23:46.0534 0100 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:Windowssystem32p2psvc.dll
16:23:46.0542 0100 p2psvc - ok
16:23:46.0576 0100 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:Windowssystem32DRIVERSparport.sys
16:23:46.0578 0100 Parport - ok
16:23:46.0613 0100 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:Windowssystem32driverspartmgr.sys
16:23:46.0616 0100 partmgr - ok
16:23:46.0637 0100 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:Windowssystem32DRIVERSparvdm.sys
16:23:46.0639 0100 Parvdm - ok
16:23:46.0668 0100 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:WindowsSystem32pcasvc.dll
16:23:46.0672 0100 PcaSvc - ok
16:23:46.0712 0100 [ 673E55C3498EB970088E812EA820AA8F ] pci C:Windowssystem32driverspci.sys
16:23:46.0717 0100 pci - ok
16:23:46.0736 0100 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:Windowssystem32driverspciide.sys
16:23:46.0738 0100 pciide - ok
16:23:46.0767 0100 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:Windowssystem32DRIVERSpcmcia.sys
16:23:46.0809 0100 pcmcia - ok
16:23:46.0850 0100 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:Windowssystem32driverspcw.sys
16:23:46.0854 0100 pcw - ok
16:23:46.0909 0100 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:Windowssystem32driverspeauth.sys
16:23:46.0926 0100 PEAUTH - ok
16:23:47.0004 0100 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:Windowssystem32pla.dll
16:23:47.0034 0100 pla - ok
16:23:47.0076 0100 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:Windowssystem32umpnpmgr.dll
16:23:47.0092 0100 PlugPlay - ok
16:23:47.0123 0100 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:Windowssystem32pnrpauto.dll
16:23:47.0127 0100 PNRPAutoReg - ok
16:23:47.0152 0100 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:Windowssystem32pnrpsvc.dll
16:23:47.0156 0100 PNRPsvc - ok
16:23:47.0194 0100 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:WindowsSystem32ipsecsvc.dll
16:23:47.0204 0100 PolicyAgent - ok
16:23:47.0237 0100 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:Windowssystem32umpo.dll
16:23:47.0270 0100 Power - ok
16:23:47.0312 0100 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:Windowssystem32DRIVERSraspptp.sys
16:23:47.0315 0100 PptpMiniport - ok
16:23:47.0341 0100 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:Windowssystem32DRIVERSprocessr.sys
16:23:47.0343 0100 Processor - ok
16:23:47.0378 0100 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:Windowssystem32profsvc.dll
16:23:47.0386 0100 ProfSvc - ok
16:23:47.0404 0100 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:Windowssystem32lsass.exe
16:23:47.0406 0100 ProtectedStorage - ok
16:23:47.0435 0100 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:Windowssystem32DRIVERSpacer.sys
16:23:47.0437 0100 Psched - ok
16:23:47.0477 0100 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:Windowssystem32DRIVERSql2300.sys
16:23:47.0503 0100 ql2300 - ok
16:23:47.0538 0100 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:Windowssystem32DRIVERSql40xx.sys
16:23:47.0540 0100 ql40xx - ok
16:23:47.0572 0100 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:Windowssystem32qwave.dll
16:23:47.0578 0100 QWAVE - ok
16:23:47.0597 0100 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:Windowssystem32driversqwavedrv.sys
16:23:47.0600 0100 QWAVEdrv - ok
16:23:47.0618 0100 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:Windowssystem32DRIVERSrasacd.sys
16:23:47.0619 0100 RasAcd - ok
16:23:47.0668 0100 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:Windowssystem32DRIVERSAgileVpn.sys
16:23:47.0670 0100 RasAgileVpn - ok
16:23:47.0690 0100 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:WindowsSystem32rasauto.dll
16:23:47.0694 0100 RasAuto - ok
16:23:47.0719 0100 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:Windowssystem32DRIVERSrasl2tp.sys
16:23:47.0721 0100 Rasl2tp - ok
16:23:47.0759 0100 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:WindowsSystem32rasmans.dll
16:23:47.0766 0100 RasMan - ok
16:23:47.0784 0100 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:Windowssystem32DRIVERSraspppoe.sys
16:23:47.0786 0100 RasPppoe - ok
16:23:47.0810 0100 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:Windowssystem32DRIVERSrassstp.sys
16:23:47.0812 0100 RasSstp - ok
16:23:47.0839 0100 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:Windowssystem32DRIVERSrdbss.sys
16:23:47.0843 0100 rdbss - ok
16:23:47.0875 0100 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:Windowssystem32DRIVERSrdpbus.sys
16:23:47.0877 0100 rdpbus - ok
16:23:47.0918 0100 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:Windowssystem32DRIVERSRDPCDD.sys
16:23:47.0920 0100 RDPCDD - ok
16:23:47.0958 0100 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:Windowssystem32driversrdpencdd.sys
16:23:47.0959 0100 RDPENCDD - ok
16:23:47.0977 0100 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:Windowssystem32driversrdprefmp.sys
16:23:47.0978 0100 RDPREFMP - ok
16:23:48.0010 0100 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:Windowssystem32driversRDPWD.sys
16:23:48.0015 0100 RDPWD - ok
16:23:48.0054 0100 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:Windowssystem32driversrdyboost.sys
16:23:48.0057 0100 rdyboost - ok
16:23:48.0093 0100 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:WindowsSystem32mprdim.dll
16:23:48.0098 0100 RemoteAccess - ok
16:23:48.0130 0100 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:Windowssystem32regsvc.dll
16:23:48.0135 0100 RemoteRegistry - ok
16:23:48.0166 0100 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:WindowsSystem32RpcEpMap.dll
16:23:48.0169 0100 RpcEptMapper - ok
16:23:48.0194 0100 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:Windowssystem32locator.exe
16:23:48.0199 0100 RpcLocator - ok
16:23:48.0220 0100 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:Windowssystem32rpcss.dll
16:23:48.0225 0100 RpcSs - ok
16:23:48.0267 0100 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:Windowssystem32DRIVERSrspndr.sys
16:23:48.0269 0100 rspndr - ok
16:23:48.0287 0100 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:Windowssystem32lsass.exe
16:23:48.0288 0100 SamSs - ok
16:23:48.0328 0100 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:Windowssystem32driverssbp2port.sys
16:23:48.0331 0100 sbp2port - ok
16:23:48.0364 0100 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:WindowsSystem32SCardSvr.dll
16:23:48.0369 0100 SCardSvr - ok
16:23:48.0392 0100 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:Windowssystem32DRIVERSscfilter.sys
16:23:48.0394 0100 scfilter - ok
16:23:48.0435 0100 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:Windowssystem32schedsvc.dll
16:23:48.0453 0100 Schedule - ok
16:23:48.0472 0100 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:WindowsSystem32certprop.dll
16:23:48.0473 0100 SCPolicySvc - ok
16:23:48.0510 0100 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:WindowsSystem32SDRSVC.dll
16:23:48.0515 0100 SDRSVC - ok
16:23:48.0548 0100 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:Windowssystem32driverssecdrv.sys
16:23:48.0550 0100 secdrv - ok
16:23:48.0580 0100 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:Windowssystem32seclogon.dll
16:23:48.0584 0100 seclogon - ok
16:23:48.0613 0100 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:WindowsSystem32sens.dll
16:23:48.0618 0100 SENS - ok
16:23:48.0654 0100 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:Windowssystem32sensrsvc.dll
16:23:48.0658 0100 SensrSvc - ok
16:23:48.0677 0100 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:Windowssystem32DRIVERSserenum.sys
16:23:48.0678 0100 Serenum - ok
16:23:48.0715 0100 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:Windowssystem32DRIVERSserial.sys
16:23:48.0717 0100 Serial - ok
16:23:48.0740 0100 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:Windowssystem32DRIVERSsermouse.sys
16:23:48.0742 0100 sermouse - ok
16:23:48.0794 0100 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:Windowssystem32sessenv.dll
16:23:48.0800 0100 SessionEnv - ok
16:23:48.0831 0100 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:Windowssystem32driverssffdisk.sys
16:23:48.0833 0100 sffdisk - ok
16:23:48.0852 0100 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:Windowssystem32driverssffp_mmc.sys
16:23:48.0854 0100 sffp_mmc - ok
16:23:48.0876 0100 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:Windowssystem32driverssffp_sd.sys
16:23:48.0878 0100 sffp_sd - ok
16:23:48.0907 0100 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:Windowssystem32DRIVERSsfloppy.sys
16:23:48.0908 0100 sfloppy - ok
16:23:48.0937 0100 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:WindowsSystem32ipnathlp.dll
16:23:48.0943 0100 SharedAccess - ok
16:23:48.0975 0100 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:WindowsSystem32shsvcs.dll
16:23:48.0983 0100 ShellHWDetection - ok
16:23:49.0002 0100 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:Windowssystem32driverssisagp.sys
16:23:49.0004 0100 sisagp - ok
16:23:49.0040 0100 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:Windowssystem32DRIVERSSiSRaid2.sys
16:23:49.0042 0100 SiSRaid2 - ok
16:23:49.0072 0100 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:Windowssystem32DRIVERSsisraid4.sys
16:23:49.0074 0100 SiSRaid4 - ok
16:23:49.0105 0100 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:Windowssystem32DRIVERSsmb.sys
16:23:49.0107 0100 Smb - ok
16:23:49.0160 0100 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:WindowsSystem32snmptrap.exe
16:23:49.0165 0100 SNMPTRAP - ok
16:23:49.0181 0100 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:Windowssystem32driversspldr.sys
16:23:49.0183 0100 spldr - ok
16:23:49.0219 0100 [ 866A43013535DC8587C258E43579C764 ] Spooler C:WindowsSystem32spoolsv.exe
16:23:49.0250 0100 Spooler - ok
16:23:49.0331 0100 [ CF87A1DE791347E7

MBR.zip


No worries.

Please read through these instructions to familiarize yourself with what to expect when this tool runs.

Refer to the ComboFix User's Guide

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT - Save ComboFix.exe to your Desktop

====================================================

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs

====================================================

Double click on combofix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.


sorry i've been dealing with college things as of late. i'll be sure to post the log sometime today after i sort school stuff unless i ran past the deadline to comply with instructions. either way i understand.

Edited by bhk


I'd like you to run DDS again for review after running the steps below.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Delete.
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[s1].txt as well.

===================================================

Please download Junkware Removal Tool to your desktop.

- Shut down your antivirus to avoid any conflicts.
- Right-mouse click JRT.exe and select Run as administrator
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next message

===================================================

On your next reply please post:

AdwCleaner log
JRT log
Fresh DDS log

Please STOP and let me know if you have any problems in performing the steps above or any questions you may have.

Good Day!

# AdwCleaner v2.306 - Logfile created 08/02/2013 at 16:17:00
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : user - USER-PC
# Boot Mode : Normal
# Running from : C:UsersuserDesktopadwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
File Deleted : C:END
File Deleted : C:Program FilesMozilla Firefoxsearchpluginsbabylon.xml
File Deleted : C:user.js
Folder Deleted : C:ProgramDataBabylon
Folder Deleted : C:ProgramDataPremium
Folder Deleted : C:ProgramDataTarma Installer
Folder Deleted : C:ProgramDataTrymedia
Folder Deleted : C:ProgramDataWeCareReminder
***** [Registry] *****
Key Deleted : HKCUSoftwareAppDataLowSoftwarePriceGong
Key Deleted : HKLMSoftwareBabylon
Key Deleted : HKLMSoftwarebflixtoolbar
Key Deleted : HKLMSoftwarebProtector
Key Deleted : HKLMSOFTWAREClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLMSOFTWAREClassesAppID{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLMSOFTWAREClassesAppIDYontooIEClient.DLL
Key Deleted : HKLMSOFTWAREClassesCLSID{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLMSOFTWAREClassesCLSID{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLMSOFTWAREClassesInterface{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLMSOFTWAREClassesInterface{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLMSOFTWAREClassesProd.cap
Key Deleted : HKLMSOFTWAREClassesTypeLib{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLMSOFTWAREClassesYontooIEClient.Api
Key Deleted : HKLMSOFTWAREClassesYontooIEClient.Api.1
Key Deleted : HKLMSOFTWAREClassesYontooIEClient.Layers
Key Deleted : HKLMSOFTWAREClassesYontooIEClient.Layers.1
Key Deleted : HKLMSoftwareFreeze.com
Key Deleted : HKLMSOFTWAREGoogleChromeExtensionsdhdepfaagokllfmhfbcfmocaeigmoebo
Key Deleted : HKLMSOFTWAREMicrosoftTracingMyBabylontb_RASAPI32
Key Deleted : HKLMSOFTWAREMicrosoftTracingMyBabylontb_RASMANCS
Key Deleted : HKLMSOFTWAREMicrosoftTracingSavings Sidekick_RASAPI32
Key Deleted : HKLMSOFTWAREMicrosoftTracingSavings Sidekick_RASMANCS
Key Deleted : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components063A857434EDED11A893800002C0A966
***** [internet Browsers] *****
- Internet Explorer v10.0.9200.16635
[OK] Registry is clean.
- Mozilla Firefox v22.0 (en-US)
- Google Chrome v28.0.1500.95
*************************
AdwCleaner[s1].txt - [2578 octets] - [02/08/2013 16:17:00]
########## EOF - C:AdwCleaner[s1].txt - [2638 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.3.0 (08.02.2013:1)
OS: Windows 7 Home Premium x86
Ran by user on Fri 08/02/2013 at 16:22:18.17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:UsersuserappdatalocalGoogleChromeUser DataDefaultbprotectorpreferences"
~~~ Folders
Successfully deleted: [Folder] "C:Windowssystem32ai_recyclebin"
~~~ FireFox
Failed to delete: [File] "C:Program FilesMozilla Firefoxsearchpluginsbing.xml.old"
Successfully deleted: [File] C:UsersuserAppDataRoamingmozillafirefoxprofilesnm09g2f0.defaultsearchpluginsbing-zugo.xml
Successfully deleted: [Folder] C:UsersuserAppDataRoamingmozillafirefoxprofilesnm09g2f0.defaultextensionscrossriderapp5060@crossrider.com
Successfully deleted the following from C:UsersuserAppDataRoamingmozillafirefoxprofilesnm09g2f0.defaultprefs.js
user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Successfully deleted the following from C:UsersuserAppDataRoamingmozillafirefoxprofilespn4snfid.default-1339735604840prefs.js
user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Emptied folder: C:UsersuserAppDataRoamingmozillafirefoxprofilesnm09g2f0.defaultminidumps [5 files]
Emptied folder: C:UsersuserAppDataRoamingmozillafirefoxprofilespn4snfid.default-1339735604840minidumps [12 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 08/02/2013 at 16:24:05.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by user at 16:27:49 on 2013-08-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.1704 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:Windowssystem32wininit.exe
C:Windowssystem32lsm.exe
C:Windowssystem32nvvsvc.exe
C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe
c:Program FilesMicrosoft Security ClientMsMpEng.exe
C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe
C:Windowssystem32nvvsvc.exe
C:WindowsSystem32spoolsv.exe
C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
C:Program FilesLSI SoftModemagrsmsvc.exe
C:Windowssystem32ANIWConnService.exe
C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerbin32nSvcAppFlt.exe
C:Program FilesCommon FilesMotiveMcciCMService.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerbin32nSvcIp.exe
C:Windowssystem32WUDFHost.exe
C:Windowssystem32taskhost.exe
C:Windowssystem32Dwm.exe
C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe
C:Program FilesRealRealPlayerUpdaterealsched.exe
C:Program FilesMicrosoft Security Clientmsseces.exe
C:Program FilesANIANIWZCS2 ServiceWZCSLDR2.exe
C:Program FilesD-LinkDWA-140 revBAirNCFG.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowssystem32NOTEPAD.EXE
C:Program FilesNVIDIA CorporationDisplaynvtray.exe
C:Windowssystem32SearchIndexer.exe
C:Program FilesWindows Media Playerwmpnetwk.exe
C:Windowsexplorer.exe
C:Windowssystem32notepad.exe
c:Program FilesMicrosoft Security ClientMpCmdRun.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Windowssystem32SearchProtocolHost.exe
C:Windowssystem32SearchFilterHost.exe
C:Program FilesGoogleChromeApplicationchrome.exe
C:Windowssystem32conhost.exe
C:Windowssystem32wbemwmiprvse.exe
C:Windowssystem32svchost.exe -k DcomLaunch
C:Windowssystem32svchost.exe -k RPCSS
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k LocalService
C:Windowssystem32svchost.exe -k netsvcs
C:Windowssystem32svchost.exe -k NetworkService
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation
C:Windowssystem32svchost.exe -k imgsvc
C:WindowsSystem32svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:program filesjavajre7binssv.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:program filesjavajre7binjp2ssv.dll
uRun: [sidebar] c:program fileswindows sidebarsidebar.exe /autoRun
uRun: [Facebook Update] "c:usersuserappdatalocalfacebookupdateFacebookUpdate.exe" /c /nocrashserver
mRun: [Adobe ARM] "c:program filescommon filesadobearm1.0AdobeARM.exe"
mRun: [QuickTime Task] "c:program filesquicktimeQTTask.exe" -atboottime
mRun: [NeroFilterCheck] c:program filescommon filesaheadlibNeroCheck.exe
mRun: [TkBellExe] "c:program filesrealrealplayerupdaterealsched.exe" -osboot
mRun: [MSC] "c:program filesmicrosoft security clientmsseces.exe" -hide -runkey
mRun: [ANIWZCS2Service] c:program filesanianiwzcs2 serviceWZCSLDR2.exe
mRun: [D-Link D-Link RangeBooster N DWA-140] c:program filesd-linkdwa-140 revbAirNCFG.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:progra~1micros~4office11EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:program filesnvidia corporationnetworkaccessmanagerbin32nvLsp.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces{02D5FD71-0423-4456-A10A-E06C98F3C7A9} : DHCPNameServer = 192.168.1.254
TCP: Interfaces{7BEB80D1-A2F0-4548-BE65-7AFF0EFCEE7B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces{7BEB80D1-A2F0-4548-BE65-7AFF0EFCEE7B}2375942554831393 : DHCPNameServer = 192.168.1.254
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:program filesgooglechromeapplication28.0.1500.95installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:usersuserappdataroamingmozillafirefoxprofilespn4snfid.default-1339735604840
FF - plugin: c:program filesadobereader 10.0readerairnppdf32.dll
FF - plugin: c:program filescommon filesmotivenpMotive.dll
FF - plugin: c:program filesgoogleupdate1.3.21.153npGoogleUpdate3.dll
FF - plugin: c:program filesjavajre7binplugin2npjp2.dll
FF - plugin: c:program filesmicrosoft silverlight5.1.20513.0npctrlui.dll
FF - plugin: c:program filesnvidia corporation3d visionnpnv3dv.dll
FF - plugin: c:program filesnvidia corporation3d visionnpnv3dvstreaming.dll
FF - plugin: c:programdatarealrealplayerbrowserrecordpluginmozillapluginsnprpchromebrowserrecordext.dll
FF - plugin: c:programdatarealrealplayerbrowserrecordpluginmozillapluginsnprphtml5videoshim.dll
FF - plugin: c:programdatazylomzylomgamesplayernpzylomgamesplayer.dll
FF - plugin: c:usersuserappdatalocalfacebookvideoskypenpFacebookVideoCalling.dll
FF - plugin: c:windowssystem32adobedirectornp32dsw_1200112.dll
FF - plugin: c:windowssystem32macromedflashNPSWF32_11_7_700_224.dll
FF - plugin: c:windowssystem32npDeployJava1.dll
FF - plugin: c:windowssystem32npmproxy.dll
FF - plugin: c:windowssystem32npOGPPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:windowssystem32driversMpFilter.sys [2013-1-20 195296]
R1 anodlwf;ANOD Network Security Filter driver;c:windowssystem32driversanodlwf.sys [2012-8-21 12800]
R2 ANIWConnService;ANIWConn Service;c:windowssystem32ANIWConnService.exe [2012-8-21 151552]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program filesnvidia corporation3d visionnvSCPAPISvr.exe [2013-1-18 383264]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2009-7-13 229888]
S3 netr28u;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:windowssystem32driversDnetr28u.sys [2012-8-21 750592]
S3 NisDrv;Microsoft Network Inspection System;c:windowssystem32driversNisDrvWFP.sys [2011-4-27 100328]
S3 NisSrv;Microsoft Network Inspection;c:program filesmicrosoft security clientNisSrv.exe [2013-1-27 295232]
S3 TsUsbFlt;TsUsbFlt;c:windowssystem32driversTsUsbFlt.sys [2011-8-28 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32watWatAdminSvc.exe [2011-8-28 1343400]
.
=============== Created Last 30 ================
.
2013-08-02 23:22:13 -------- d-----w- c:windowsERUNT
2013-08-02 21:01:33 7143960 ----a-w- c:programdatamicrosoftmicrosoft antimalwaredefinition updates{baee8d34-9b5f-449c-ada3-c465e8744198}mpengine.dll
2013-07-31 21:43:24 7143960 ------w- c:programdatamicrosoftmicrosoft antimalwaredefinition updatesbackupmpengine.dll
2013-07-31 04:12:16 -------- d-sh--w- C:$RECYCLE.BIN
2013-07-31 03:58:35 98816 ----a-w- c:windowssed.exe
2013-07-31 03:58:35 256000 ----a-w- c:windowsPEV.exe
2013-07-31 03:58:35 208896 ----a-w- c:windowsMBR.exe
2013-07-16 23:52:33 698504 ------w- c:programdatamicrosoftmicrosoft antimalwaredefinition updates{ed6e8730-ee75-4150-9b4f-87bbd5e9f401}gapaengine.dll
2013-07-09 22:03:05 509440 ----a-w- c:windowssystem32qedit.dll
2013-07-09 22:03:04 1620480 ----a-w- c:windowssystem32WMVDECOD.DLL
2013-07-09 22:03:04 1247744 ----a-w- c:windowssystem32DWrite.dll
2013-07-09 22:03:01 2347520 ----a-w- c:windowssystem32win32k.sys
2013-07-09 22:02:59 680960 ----a-w- c:program fileswindows defenderMpSvc.dll
2013-07-09 22:02:59 392704 ----a-w- c:program fileswindows defenderMpClient.dll
2013-07-09 22:02:59 224768 ----a-w- c:program fileswindows defenderMpCommu.dll
2013-07-09 22:02:50 988672 ----a-w- c:program fileswindows journalJNTFiltr.dll
2013-07-09 22:02:50 969216 ----a-w- c:program fileswindows journalJNWDRV.dll
2013-07-09 22:02:50 936448 ----a-w- c:program filescommon filesmicrosoft sharedinkjournal.dll
2013-07-09 22:02:49 1221632 ----a-w- c:program fileswindows journalNBDoc.DLL
.
==================== Find3M ====================
.
2013-07-21 19:43:26 71048 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl
2013-07-21 19:43:26 692104 ----a-w- c:windowssystem32FlashPlayerApp.exe
2013-07-02 22:57:43 9728 ---ha-w- c:windowssystem32api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-18 21:45:24 94632 ----a-w- c:windowssystem32WindowsAccessBridge.dll
2013-06-18 21:45:14 867240 ----a-w- c:windowssystem32npDeployJava1.dll
2013-06-18 21:45:14 789416 ----a-w- c:windowssystem32deployJava1.dll
2013-06-11 23:43:37 1767936 ----a-w- c:windowssystem32wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- c:windowssystem32jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- c:windowssystem32iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- c:windowssystem32iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- c:windowssystem32RegisterIEPKEYs.exe
2013-06-07 02:37:52 2706432 ----a-w- c:windowssystem32mshtml.tlb
2013-05-13 04:45:55 140288 ----a-w- c:windowssystem32cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- c:windowssystem32crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- c:windowssystem32cryptnet.dll
2013-05-13 03:08:10 903168 ----a-w- c:windowssystem32certutil.exe
2013-05-13 03:08:06 43008 ----a-w- c:windowssystem32certenc.dll
2013-05-08 05:38:00 1293672 ----a-w- c:windowssystem32driverstcpip.sys
2013-05-06 05:06:47 3968872 ----a-w- c:windowssystem32ntkrnlpa.exe
2013-05-06 05:06:47 3913576 ----a-w- c:windowssystem32ntoskrnl.exe
.
============= FINISH: 16:28:35.47 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: DeviceHarddiskVolume1
Install Date: 8/28/2011 5:05:46 AM
System Uptime: 8/2/2013 4:18:31 PM (0 hours ago)
.
Motherboard: eMachines | | WMCP78M
Processor: AMD Athlon Processor LE-1640 | Socket AM2 | 2700/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 240.57 GiB free.
D: is CDROM (UDF)
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP264: 7/20/2013 2:29:49 PM - Windows Update
RP265: 7/23/2013 2:47:37 PM - Windows Update
RP266: 7/26/2013 3:53:57 PM - Windows Update
RP267: 7/30/2013 12:53:02 PM - Windows Update
RP268: 8/2/2013 2:00:37 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
Adobe Shockwave Player 12.0
ANIWZCS2 Service
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
Bandicam
Bandisoft MPEG-1 Decoder
Bonjour
CCleaner
Compatibility Pack for the 2007 Office system
D-Link RangeBooster N DWA-140
Facebook Video Calling 1.2.0.287
Façade
GIMP 2.8.2
Google Chrome
Google Update Helper
Java 7 Update 25
Java Auto Updater
JavaFX 2.1.1
K-Lite Codec Pack 7.6.0 (Full)
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Essentials
neroxml
NVIDIA 3D Vision Driver 311.06
NVIDIA Control Panel 311.06
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA Graphics Driver 311.06
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.11.3
NVIDIA Update Components
OGPlanet Game Launcher
Project64 1.6
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Rumble Fighter
swMSM
Synthesia (remove only)
VLC media player 1.1.11
Web Games Player Plugin
Windows Media Player Firefox Plugin
WinRAR 4.01 (32-bit)
.
==== End Of File ===========================
i wasn't sure whether to include the attach.txt so i just posted it anyways


Working fine other than the usual browser freeze up for a few secs. I think it's due to the fact that my CPU is pretty outdated. It's still single-core. Well anyways after skimming through the logs I did identify some unwanted files that I thought I got rid of through scans I ran a long time ago. I haven't run into any suspicious programs though which is good.


Some of the files and registry keys that the adwcleaner got rid of like pricegong and yontoo. Either way I feel as though my computer is cleaner and more secure after everything. I haven't run into that redirecting virus either.


Very well. You're good to go. :)

Follow these steps to uninstall Combofix

- Click START then RUN
- Now copy/paste the code into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

Combofix /Uninstall

===================================================

Thank you for your patience, and performing all of the procedures requested. I would also like to take this opportunity to apologize for any delay that may have occurred.

--------------------------------------------------------------------------------------------------------------

MICROSOFT UPDATES

It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Please go to Microsoft and download all the critical updates to help prevent possible re-infection.

Passwords

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article, Strong passwords: How to create and use them, and consider a password keeper, to keep all your passwords safe.

SPYWARE PREVENTION

This is a good time to set up protection against further attacks. In light of your recent problem, I'm sure you'd like to avoid any future infections. Please read these well written articles:

- How Did I Get Infected In The First Place? by TonyKlein
- How to Prevent Malware by miekiemoes
- PC Safety and Security--What Do I Need?

To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:

- WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  - Green to go
  - Yellow for caution
  - Red to stop
  WOT has an add-on available for both Firefox and IE.
- SpywareBlaster prevents the installation of ActiveX-based malware, blocks cookies, and restricts the actions of "bad" sites. See tutorial here
- MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting the attempted connections to 127.0.0.1, which is the IP of your local computer. See guide here and for Windows Vista here
  - Download Host.zip and Save it to your Desktop.
  - Right-click hosts.zip and select 'Extract all files' or 'Extract files...'.
  - Follow the prompts and click 'Finish'.
  - This will open the newly created hosts folder on your Desktop.
  - Double-click on the included mvps.bat file, this will rename the existing HOSTS file to HOSTS.MVP, then it will copy the included updated HOSTS file to the correct location on your machine.
  - Once updated you should see another prompt that the task was completed.

Follow this list and keep your antivirus program and antispyware programs updated and scan with them on a regular basis. By doing so, your potential for being infected again will reduce dramatically.

Hopefully this should take care of your problems! Good luck.

Do you have any questions or problems to ask? Please do not hesitate to do so.

**Please respond to this one more time to ensure it is resolved and close this topic.


Thank you for all your help and I apologize on my behalf for the long response times. Is it fine to get rid of the other downloaded programs as well?

This topic is now closed to further replies.